Cryptol experience
0 likes464 views
This document summarizes the experiences of Pedro Pereira and Ulisses Costa using the Cryptol language and tools. It describes their process of specifying the SNOW 3G cipher in Cryptol, generating implementations in VHDL and C, analyzing performance, and verifying correctness. It also provides feedback on documentation and areas for improvement. Key results include generating an efficient FPGA implementation achieving 160 MHz and verifying the pipeline structure improved throughput. Overall, the document confirms Cryptol enabled non-hardware experts to produce high-quality results.
![As promissed!
MULxPOW
MULxPOW : ([8] , [8] , [8]) -> [8];
MULxPOW (v ,i , c ) = res @ i
where res = [ v ] # [| MULx (e , c ) || e <- res |];
The latency of this implementation is 28 , because Cryptol
needs the static latency ⇒ latency of this circuit is equal to
the worst-case latency
But the third parameter is always the same and the second
one only instantiates 8 possible values
We can be more efficient by implementing it as 8 static
lookup tables with 256 8-bit elements each ⇒ BlockRAMs
Pedro Pereira, Ulisses Costa The Cryptol Experience](https://image.slidesharecdn.com/pres-090728011105-phpapp01/85/Cryptol-experience-12-320.jpg)
Cryptol experience
- 1. The Cryptol Experience Pedro Pereira Ulisses Costa Formal Methods in Software Engineering July 27, 2009 Pedro Pereira, Ulisses Costa The Cryptol Experience
- 2. Last milestone’s recap! We showed you Cryptol → VHDL translation Hardware performance analysis Real application of the verification framework Pedro Pereira, Ulisses Costa The Cryptol Experience
- 3. Electronic Design Automation with Cryptol 1 Write Cryptol specification closely resembling the mathematical one 2 Convert top-level function into stream model for performance analysis 3 Substitute unsupported constructs for compilation 4 Use verification framework for safety and equivalence checking 5 Adjust implementation according to space and time requirements Pedro Pereira, Ulisses Costa The Cryptol Experience
- 4. Milestone I We had to Learn the Cryptol language Create a SNOW 3G specification We consulted SNOW 3G specification Programming guide Examples folder Pedro Pereira, Ulisses Costa The Cryptol Experience
- 5. Milestone I Overall SNOW 3G is composed of simple manipulations and has a strong mathematical structure Clear and compact functional specification in Cryptol Quick specification process Pedro Pereira, Ulisses Costa The Cryptol Experience
- 6. Milestone I Programming guide Well written Cryptol definitions could be displayed in a different style Block cipher operation modes? Examples Great for watching Cryptol in action Perhaps two different specification-oriented case studies Pedro Pereira, Ulisses Costa The Cryptol Experience
- 7. Milestone II We had to Generate an efficient and equivalent C implementation We consulted Tools user guide Pragmatic Equivalence and Safety Checking in Cryptol Pedro Pereira, Ulisses Costa The Cryptol Experience
- 8. Milestone II Overall We didn’t quite grasp the difference between SBV and C Optimizations? We learned a lot about the verification framework Pedro Pereira, Ulisses Costa The Cryptol Experience
- 9. Milestone II Tools user guide Lacks some information regarding interpreter modes and respective differences Could use better formatting in some sections PESCC Contains everything needed to know about the verification framework Maybe not suitable/relevant for the end-user Pedro Pereira, Ulisses Costa The Cryptol Experience
- 10. Milestone III We had to Generate an efficient and equivalent VHDL implementation We consulted FPGA tutorial Pedro Pereira, Ulisses Costa The Cryptol Experience
- 11. Milestone III Opinions :help <options> FPGA tutorial also lacks a more consistent formatting Some information could have gone to the tools user guide We learned a lot about EDA but... Pedro Pereira, Ulisses Costa The Cryptol Experience
- 12. As promissed! MULxPOW MULxPOW : ([8] , [8] , [8]) -> [8]; MULxPOW (v ,i , c ) = res @ i where res = [ v ] # [| MULx (e , c ) || e <- res |]; The latency of this implementation is 28 , because Cryptol needs the static latency ⇒ latency of this circuit is equal to the worst-case latency But the third parameter is always the same and the second one only instantiates 8 possible values We can be more efficient by implementing it as 8 static lookup tables with 256 8-bit elements each ⇒ BlockRAMs Pedro Pereira, Ulisses Costa The Cryptol Experience
- 13. Even better DIVα and MULα are responsible for updating the LFSR 2 static lookup tables with 256 32-bit elements each! Pedro Pereira, Ulisses Costa The Cryptol Experience
- 14. SPIR Report === Summary of Path Timing Estimates === Overall clock period: 8.38 ns (119.3 MHz ) Input pin to flip-flop: 1.94 ns (514.7 MHz ) Flip-flop to flip-flop: 7.72 ns (129.6 MHz ) Flip-flop to output pin: 8.38 ns (119.3 MHz ) Input pin to output pin: No paths === Summary of Size Estimates === Estimated total size: about 6848 LUTs , 2776 Flipflops === Circuit Timing === circuit latency: 37 cycles (36 cycles plus propagation delay ) circuit rate: one element per cycle output length: unbounded total time: unbounded Pedro Pereira, Ulisses Costa The Cryptol Experience
- 15. Pipelining? reg pragma Sequential circuits in the stream model can be pipelined Separation of a function into several smaller computational units Each unit is a stage in the pipeline consuming output from previous stage and producing output to the next Can increase clockrate and throughput Pedro Pereira, Ulisses Costa The Cryptol Experience
- 16. Pipelining! Timing Summary: Minimum period: 6.214 ns (Maximum Frequency: 160.930 MHz) Minimum input arrival time before clock: 2.892 ns Maximum output required time after clock: 11.497 ns Maximum combinational path delay: No path found Device Utilization (size summary): Number of Slices: 1212 out of 14752 8% Number of Slice Flip Flops: 1810 out of 29504 6% Number of 4 input LUTs: 2192 out of 29504 7% Pedro Pereira, Ulisses Costa The Cryptol Experience
- 17. Comparison Implementation Frequency (MHz) Throughput (Mbps) Proposed SNOW 3G 160 5120 SNOW 3G 249 7968 SNOW 3G 100 2500 SNOW 2.0 141 4512 SNOW 1.0 66.5 2128 Pedro Pereira, Ulisses Costa The Cryptol Experience
- 18. The Big Question We claim that non-hardware people can get good results by working in Cryptol and would like to confirm or deny that claim. Galois, Inc. Yes, we can! Pedro Pereira, Ulisses Costa The Cryptol Experience
- 19. (Other) Questions ? Pedro Pereira, Ulisses Costa The Cryptol Experience