Python Integrates Formally Verified Crypto Library HACL*

2025-04-18

After 2.5 years of work, Python has integrated the formally verified cryptographic library HACL* into its hash and HMAC implementations. The upgrade replaces the previous SHA3 implementation, which had a CVE against it, and covers various algorithms including Blake2, SHA3, and HMAC, significantly improving Python's security. The project overcame challenges in implementing streaming APIs and building the system, and also implemented handling of memory allocation failures. This demonstrates the potential of formal verification in large-scale real-world projects.
