Skip to main content
European Commission logo print header

An end-to-end verification architecture for building Certified Implementations of Robust, Cryptographically Secure web applications

Article Category

Article available in the following languages:

A comprehensive approach to cybersecurity

Whereas most cybersecurity solutions are reactive and focus on a single threat, a new security verification framework aims to identify and eliminate entire classes of cyberthreats.

Digital Economy icon Digital Economy

Most of us happily live our digital lives oblivious to the constant threats that surround our devices and applications. That’s because, to a great extent, the security of these devices is protected by a variety of critical components, including cryptographic libraries, Transport Layer Security (TLS), browser security mechanisms, and single sign-on protocols. But, as regular cyberattacks make clear, this set-up is far from perfect. “Although these components remain widely used, we don’t have a solid understanding of how much security they actually provide,” says Karthik Bhargavan, a researcher at France’s National Institute for Research in Digital Science and Technology (Inria). “In fact, even the smallest bug in the coding of a component can – and does – lead to embarrassing and high-profile attacks.” Instead of trying to fix each problem individually, Bhargavan, through the support of the EU-funded CIRCUS project, is looking to cast a wider net. “Instead of wasting our time chasing each new threat, we propose developing a formal security verification framework that can identify and eliminate entire classes of vulnerabilities all in one go,” he adds.

No more excuses

To start, CIRCUS researchers helped design, analyse and standardise TLS 1.3 the latest version of the TLS protocol that underpins secure web browsing. “Our contributions here were acknowledged in the published standard, and our supporting research won a best paper award,” notes Bhargavan. The second phase of the European Research Council supported project focused on building HACL*, the first formally verified, high-performance library of cryptographic algorithms. “With HACL*, there is no longer any excuse for using unverified crypto code in mainstream security-critical applications,” he remarks. According to Bhargavan, a number of companies immediately wanted help deploying the HACL* code into their products, including Mozilla Firefox, Linux Kernel, WireGuard, Microsoft MsQuic, Tezos and ElectionGuard. “Taking software from a research project and improving its quality to be production-ready required a lot of learning and engineering work on our part,” he says. “Although this was outside our original plans for the project, it allowed us to accelerate the transfer of our research into real-world industrial applications.”

Pushing the cybersecurity envelope

The CIRCUS project succeeded in pushing the cybersecurity envelope in terms of formal verification and applied cryptography. “With the support of EU funding, we demonstrated that it is possible to formally verify production-ready, high-performance cryptographic software,” concludes Bhargavan. Although the project is now finished, the HACL* code is freely available via GitHub. Furthermore, Bhargavan and his team continue to advance many of the themes identified during the project, including the verification of cryptographic software written in mainstream verification-oriented languages like Rust. Researchers are also in the early stages of transferring CIRCUS’ research and results to a private company, with the aim of building an industrial community around verified cryptographic software.


CIRCUS, cybersecurity, security verification framework, cyberthreat, Transport Layer Security, cyberattacks, coding, HACL*, cryptographic algorithms, crypto code, cryptography

Discover other articles in the same domain of application