Project Everest aims to build and deploy a verified HTTPS stack

We are a team of researchers and engineers from several organizations, including Microsoft Research, Carnegie Mellon University, INRIA, and the MSR-INRIA joint center.

Everest is a recursive acronym: it stands for the “Everest VERified End-to-end Secure Transport”.

The HTTPS Ecosystem

The HTTPS ecosystem (HTTPS and TLS protocols, X.509 public key infrastructure, crypto algorithms) is the foundation on which Internet security is built. Unfortunately, this ecosystem is brittle, with headline-grabbing attacks such as FREAK and LogJam (see http://mitls.org/pages/attacks/) and emergency patches many times a year.

Project Everest addresses this problem by constructing a high-performance, standards-compliant, formally verified implementation of components of the HTTPS ecosystem, including TLS, the main protocol at the heart of HTTPS, as well as the main underlying cryptographic algorithms such as AES, SHA2 or X25519.

At the TLS level, for instance, we are developing new implementations of existing and forthcoming protocol standards and formally proving, by reduction to cryptographic assumptions on their core algorithms, that our implementations provide a secure-channel abstraction between the communicating endpoints. Implementations of the core algorithms themselves are also verified, producing performant portable C code or highly optimized assembly language.

We aim for our verified components to be drop-in replacements suitable for use in mainstream web browsers, servers, and other popular tools and are actively working with the community at large to improve the ecosystem.

A combination of several sub-projects

Project Everest is the combination of the following projects. Read below for an easy way to install all these projects together.

F*, a verification language for effectful programs

miTLS, reference implementation of the TLS protocol in F*

KreMLin, a compiler from a subset of F* to C

HACL*, a verified library of cryptographic primitives written in F*

Vale, a domain-specific language for verified cryptographic primitives in assembly

EverCrypt, a verified crypto provider that combines HACL* and Vale via an agile, multi-platform, self-configuring cryptographic API.

EverParse, a library and tool to automatically generate verified parsers and serializers for binary data formats

When combined together, the projects above generate a mixture of C and assembly code that implements TLS 1.3, with proofs of safety, correctness, security and various forms of side-channel resistance.

Current status

Everest is a work in progress. We generate C and assembly code for TLS-1.3, but the verification is not complete.

The TLS 1.3 handshake verification is a work in progress

We have completed verification of the TLS 1.3 record layer; it currently extracts to C.

Several cryptographic assembly routines, including AES-GCM, Poly1305, AES and SHA2, are verified and extract to assembly via Vale (USENIX-17, POPL-19).

HACL* provides verified C code for multiple other primitives such as Curve25519, ChaCha20, Poly1305 or HMAC.

Deployments

Everest code is deployed in several contexts.

Code from the HACL* crypto library and EverCrypt crypto provider is deployed in Mozilla Firefox, the WireGuard VPN, the upcoming Zinc crypto library for the Linux kernel, the MirageOS unikernel, and in the Tezos and Concordium blockchains.

The miTLS protocol stack powers Microsoft’s primary implementation of the QUIC transport protocol.

Getting started with Project Everest

To make things easier for prospective users, the everest script performs high-level project management and revision tracking.

Prerequisite (Windows only). Open up a Cygwin64 terminal with a Cygwin git client. Our library is a native Windows DLL, but we rely on Cygwin to provide the Unix tools that many of our projects depend on.

The first step checks out the high-level everest command and enters its directory.

git clone https://github.com/project-everest/everest
cd everest

The next command will ensure that your environment is sane. On Windows, it will also fetch and install a proper version of OCaml and all required packages for you.

./everest check

If you just want to read the sources, then the step below is sufficient; it will fetch blessed versions of all the projects, which are known to work together.

./everest pull

Building all the projects together should work at any time and is achieved by running:

./everest make

Testing the generated binaries can be achieved by running:

./everest test

But remember that the whole point of the Everest project is that our code is entirely verified. Verification (which can take as long as 2 hours on recent machines) can be performed by running:

./everest verify

Finally, if you want to revert to a clean state, you can run:

./everest clean

For the lazy: Docker

Every night, we automatically build the projecteverest/everest Docker image with everything already built and verified, for you to directly pull from the Docker Hub. If you have Docker installed on your machine, then you can pull the image using the usual command:

docker pull projecteverest/everest-windows-nt

F* blog

See F* for the masses for news on F* and Everest!

Filing bugs

Please file bugs if something doesn’t work!