Skip to content

Latest commit

 

History

History

cbmc

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
KeccakF1600_StateExtractBytes
KeccakF1600_StateExtractBytes
 
 
KeccakF1600_StateExtractBytes_BE
KeccakF1600_StateExtractBytes_BE
 
 
KeccakF1600_StatePermute
KeccakF1600_StatePermute
 
 
KeccakF1600_StateXORBytes
KeccakF1600_StateXORBytes
 
 
KeccakF1600_StateXORBytes_BE
KeccakF1600_StateXORBytes_BE
 
 
KeccakF1600x4_StateExtractBytes
KeccakF1600x4_StateExtractBytes
 
 
KeccakF1600x4_StatePermute
KeccakF1600x4_StatePermute
 
 
KeccakF1600x4_StateXORBytes
KeccakF1600x4_StateXORBytes
 
 
barrett_reduce
barrett_reduce
 
 
basemul_cached
basemul_cached
 
 
crypto_kem_dec
crypto_kem_dec
 
 
crypto_kem_enc
crypto_kem_enc
 
 
crypto_kem_enc_derand
crypto_kem_enc_derand
 
 
crypto_kem_keypair
crypto_kem_keypair
 
 
crypto_kem_keypair_derand
crypto_kem_keypair_derand
 
 
ct_cmask_neg_i16
ct_cmask_neg_i16
 
 
ct_cmask_nonzero_u16
ct_cmask_nonzero_u16
 
 
ct_cmask_nonzero_u8
ct_cmask_nonzero_u8
 
 
ct_cmov_zero
ct_cmov_zero
 
 
ct_memcmp
ct_memcmp
 
 
ct_sel_int16
ct_sel_int16
 
 
ct_sel_uint8
ct_sel_uint8
 
 
fqmul
fqmul
 
 
gen_matrix
gen_matrix
 
 
gen_matrix_entry
gen_matrix_entry
 
 
gen_matrix_entry_x4
gen_matrix_entry_x4
 
 
indcpa_dec
indcpa_dec
 
 
indcpa_enc
indcpa_enc
 
 
indcpa_keypair_derand
indcpa_keypair_derand
 
 
invntt_layer
invntt_layer
 
 
keccak_absorb_once
keccak_absorb_once
 
 
keccak_absorb_once_x4
keccak_absorb_once_x4
 
 
keccak_squeeze_once
keccak_squeeze_once
 
 
keccak_squeezeblocks
keccak_squeezeblocks
 
 
keccak_squeezeblocks_x4
keccak_squeezeblocks_x4
 
 
keccakf1600_extractbytes
keccakf1600_extractbytes
 
 
keccakf1600_permute
keccakf1600_permute
 
 
keccakf1600_xorbytes
keccakf1600_xorbytes
 
 
lib
lib
 
 
matvec_mul
matvec_mul
 
 
montgomery_reduce
montgomery_reduce
 
 
ntt_butterfly_block
ntt_butterfly_block
 
 
ntt_layer
ntt_layer
 
 
poly_add
poly_add
 
 
poly_basemul_montgomery_cached
poly_basemul_montgomery_cached
 
 
poly_cbd_eta1
poly_cbd_eta1
 
 
poly_cbd_eta2
poly_cbd_eta2
 
 
poly_compress_du
poly_compress_du
 
 
poly_compress_dv
poly_compress_dv
 
 
poly_decompress_du
poly_decompress_du
 
 
poly_decompress_dv
poly_decompress_dv
 
 
poly_frombytes
poly_frombytes
 
 
poly_frommsg
poly_frommsg
 
 
poly_getnoise_eta1122_4x
poly_getnoise_eta1122_4x
 
 
poly_getnoise_eta1_4x
poly_getnoise_eta1_4x
 
 
poly_getnoise_eta2
poly_getnoise_eta2
 
 
poly_invntt_tomont
poly_invntt_tomont
 
 
poly_mulcache_compute
poly_mulcache_compute
 
 
poly_ntt
poly_ntt
 
 
poly_reduce
poly_reduce
 
 
poly_sub
poly_sub
 
 
poly_tobytes
poly_tobytes
 
 
poly_tomont
poly_tomont
 
 
poly_tomsg
poly_tomsg
 
 
polyvec_add
polyvec_add
 
 
polyvec_basemul_acc_montgomery
polyvec_basemul_acc_montgomery
 
 
polyvec_basemul_acc_montgomery_cached
polyvec_basemul_acc_montgomery_cached
 
 
polyvec_compress_du
polyvec_compress_du
 
 
polyvec_decompress_du
polyvec_decompress_du
 
 
polyvec_frombytes
polyvec_frombytes
 
 
polyvec_invntt_tomont
polyvec_invntt_tomont
 
 
polyvec_mulcache_compute
polyvec_mulcache_compute
 
 
polyvec_ntt
polyvec_ntt
 
 
polyvec_reduce
polyvec_reduce
 
 
polyvec_tobytes
polyvec_tobytes
 
 
polyvec_tomont
polyvec_tomont
 
 
rej_uniform
rej_uniform
 
 
rej_uniform_scalar
rej_uniform_scalar
 
 
scalar_compress_d1
scalar_compress_d1
 
 
scalar_compress_d10
scalar_compress_d10
 
 
scalar_compress_d11
scalar_compress_d11
 
 
scalar_compress_d4
scalar_compress_d4
 
 
scalar_compress_d5
scalar_compress_d5
 
 
scalar_decompress_d10
scalar_decompress_d10
 
 
scalar_decompress_d11
scalar_decompress_d11
 
 
scalar_decompress_d4
scalar_decompress_d4
 
 
scalar_decompress_d5
scalar_decompress_d5
 
 
scalar_signed_to_unsigned_q
scalar_signed_to_unsigned_q
 
 
sha3_256
sha3_256
 
 
sha3_512
sha3_512
 
 
shake128_absorb_once
shake128_absorb_once
 
 
shake128_squeezeblocks
shake128_squeezeblocks
 
 
shake128x4_absorb_once
shake128x4_absorb_once
 
 
shake128x4_squeezeblocks
shake128x4_squeezeblocks
 
 
shake256
shake256
 
 
shake256x4
shake256x4
 
 
.gitignore
.gitignore
 
 
Makefile.common
Makefile.common
 
 
Makefile_params.common
Makefile_params.common
 
 
README.md
README.md
 
 

README.md

CBMC proofs

Overview

This directory contains CBMC proofs for the absence of certain classes of undefined behaviour for parts of the C-code in mlkem-native.

Proofs are organized by functions, with the harnesses and proofs for each function in a separate directory.

See the Proof Guide for a walkthrough of how to use CBMC and develop new proofs.

Usage

To run all proofs, print a summary at the end and reflect overall success/failure in the error code, use

MLKEM_K={2,3,4} run-cbmc-proofs.py --summarize

If GITHUB_STEP_SUMMARY is set, the proof summary will be appended to it.

Covered functions

Each proved function has an eponymous sub-directory of its own. The shell command

find . -name cbmc-proof.txt

yields a list of the subdirectories, and thus function names, that have a proof.