Skip to content

Commit 24a1562

Browse files
committed
Add HOL-Light proofs to root README
Signed-off-by: Matthias J. Kannwischer <[email protected]>
1 parent e8a4d71 commit 24a1562

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

README.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,13 @@ make test
4343

4444
We use the [C Bounded Model Checker (CBMC)](https://github.com/diffblue/cbmc) to prove absence of various classes of undefined behaviour in C, including out of bounds memory accesses and integer overflows. The proofs cover all C code in [mldsa/src/*](mldsa) and [mldsa/src/fips202/*](mldsa/src/fips202) involved in running mldsa-native with its C backend. See [proofs/cbmc](proofs/cbmc) for details.
4545

46+
HOL-Light functional correctness proofs can be found in [proofs/hol_light/x86_64](proofs/hol_light/x86_64). So far, the following functions have been proven correct:
47+
48+
- x86_64 NTT [ntt.S](mldsa/src/native/x86_64/src/ntt.S)
49+
50+
51+
These proofs are utilizing the verification infrastructure in [s2n-bignum](https://github.com/awslabs/s2n-bignum).
52+
4653
## Security
4754

4855
All assembly in mldsa-native is constant-time in the sense that it is free of secret-dependent control flow, memory access,

0 commit comments

Comments
 (0)