Secure and trusted white-box verification

TL;DR

This paper introduces protocols for verifying designs with limited information disclosure, enabling secure, trusted, and flexible verification by third parties without revealing sensitive design details.

Contribution

It formalizes limited information verification using tabular expressions and develops protocols for white-box testing that work with trusted or untrusted developers.

Findings

Protocols enable verification with partial design info

Verification process can be checked by third parties

Works with both trusted and untrusted developers

Abstract

Verification is the process of checking whether a product has been implemented according to its prescribed specifications. We study the case of a designer (the developer) that needs to verify its design by a third party (the verifier), by making publicly available a limited amount of information about the design, namely a diagram of interconnections between the different design components, but not the components themselves or the intermediate values passed between components. We formalize this notion of limited information using tabular expressions as the description method for both the specifications and the design. Treating verification as a process akin to testing, we develop protocols that allow for the design to be verified on a set of inputs generated by the verifier, using any test-case generating algorithm that can take advantage of this extra available information (partially white-box testing), and without compromising the developer's secret information. Our protocols work with both trusted and untrusted developers, and allow for the checking of the correctness of the verification process itself by any third party, and at any time.