Lib.rs

Cryptography | Development toolsTesting
#constant-time-cryptography #constant-time #timing #security

no-std arcanum-verify

Formal verification and timing analysis tools for the Arcanum cryptographic engine

Owned by paraphilic-ecchymosis.

3 releases

Uses new Rust 2024

0.1.2 Jan 26, 2026
0.1.1 Jan 23, 2026
0.1.0 Jan 22, 2026

#13 in #constant-time-cryptography

MIT/Apache

165KB
3K SLoC

Arcanum Verification Tools

Tools for verifying security properties of cryptographic implementations.

Timing Analysis

Detect timing side-channels using statistical methods:

  • dudect: Statistical timing leak detection
  • CI integration: Automated timing regression tests
  • Reports: Human-readable timing analysis reports

Model Checking

Formal verification of memory safety and correctness:

  • Kani: Bounded model checking for Rust
  • Memory safety: Prove absence of buffer overflows
  • Functional correctness: Verify invariants

Example

use arcanum_verify::prelude::*;

// Test AES-GCM for timing leaks
let result = TimingTest::new("aes_gcm_encrypt")
    .iterations(100_000)
    .run(|class| {
        let key = match class {
            Class::Left => [0x00u8; 32],
            Class::Right => [0xFFu8; 32],
        };
        Aes256Gcm::encrypt(&key, &nonce, &plaintext, None)
    });

assert!(result.is_constant_time(), "Timing leak detected: {}", result);

Security Properties Verified

  • Constant-time execution: No timing side-channels
  • Memory zeroization: Secrets cleared on drop
  • No buffer overflows: Bounds checking verified
  • No use-after-free: Memory safety guaranteed

Dependencies

~12–16MB
~312K SLoC