Chrome Cryptocode Generator Revealed
Written by Kay Ewbank   
Monday, 24 June 2019

A system that automatically generates optimized cryptography code is in use in Google Chrome. The details were revealed at the recent IEEE Symposium on Security and Privacy by MIT researchers.

The cryptography is being used to keep the communication between the browser and the website being viewed secure. Until recently, the mathematical algorithms used to carry out the cryptography was being written and rewritten by hand.

Chrome LogoResearchers from the Computer Science and Artificial Intelligence Laboratory (CSAIL) designed “Fiat Cryptography,” a system that automatically generates and simultaneously verifies optimized cryptographic algorithms for all hardware platforms. The code created matches the performance of the best handwritten code, but is much faster. 

Their researchers looked at existing implementations of handwritten ECC algorithms in C and assembly languages, and transferred those techniques into their code library. This generated a list of best-performing algorithms for each architecture. The project then used a compiler that has been mathematically verified with a proofing tool called Coq. Once verified, the library hen simulates each algorithm and selects the best-performing one for each chip architecture. 

The cryptographic algorithms being optimized are elliptical curve cryptography (ECC). These generate keys of various sizes by choosing numerical points at random along a numbered curved line on a graph. Because the processing chips can’t store such large numbers in one place, they are briefly split into smaller digits that are stored on registers. The way the split is made has different performance consequences, and is so complex that the developers writing ECC algorithms manually implement the bit-splitting decisions in their code. In their work, the MIT researchers made use of those human decisions to automatically generate a library of optimized ECC algorithms for any hardware.
 
The researchers equipped their Coq-based compiler with partial evaluation optimization to precompute all the bit-splitting methods. When matching them to a given chip architecture, it can then immediately discard all algorithms that won’t work for that architecture, so reducing the time it takes to search the library.

From that, the researchers put together a library of the best ways to split ECC algorithms for different chip architectures.

The  automatically generated code is being used in Google’s BoringSSL, an open-source cryptographic library that's a fork of OpenSSL. Google Chrome, Android apps, and other programs use BoringSSL to generate the keys and certificates used to encrypt and decrypt data. According to the researchers, about 90 percent of secure Chrome communications currently run their code.

The next goal is to find ways to make the compiler run even faster in searching for optimized algorithms.
 

Chrome Logo

More Information

Paper On Fiat Cryptography

BoringSSL On GitHub

Related Articles

Microsoft SEAL Cryptography .NET Wrapper Released

MS Cryptography Library Open Sourced

Tink Library Helps You Develop Secure Code

Facebook Conceals Encryption For Android

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, Facebook or Linkedin.

Banner


Wing Python Offers Better Remote Dev Connections
20/09/2019

Wing Python 7.1.1 has been updated with better handling of remote development connections, and fixes so that Pandas DataFrame and Series values are displayed correctly among a number of improvements.

 [ ... ]



Free C#, .NET And ASP.NET Videos
01/10/2019

There's a new collection of free videos on C#, .NET and ASP.NET by Scott Hanselman, Microsoft Principal Community Architect for Web Platform and Tools.


More News

graphics

 



 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Tuesday, 25 June 2019 )