English

PA-Boot: A Formally Verified Authentication Protocol for Multiprocessor Secure Boot

Cryptography and Security 2025-04-22 v3 Hardware Architecture

Abstract

Hardware supply-chain attacks are raising significant security threats to the boot process of multiprocessor systems. This paper identifies a new, prevalent hardware supply-chain attack surface that can bypass multiprocessor secure boot due to the absence of processor-authentication mechanisms. To defend against such attacks, we present PA-Boot, the first formally verified processor-authentication protocol for secure boot in multiprocessor systems. PA-Boot is proved functionally correct and is guaranteed to detect multiple adversarial behaviors, e.g., processor replacements, man-in-the-middle attacks, and tampering with certificates. The fine-grained formalization of PA-Boot and its fully mechanized security proofs are carried out in the Isabelle/HOL theorem prover with 306 lemmas/theorems and ~7,100 LoC. Experiments on a proof-of-concept implementation indicate that PA-Boot can effectively identify boot-process attacks with a considerably minor overhead and thereby improve the security of multiprocessor systems.

Keywords

Cite

@article{arxiv.2209.07936,
  title  = {PA-Boot: A Formally Verified Authentication Protocol for Multiprocessor Secure Boot},
  author = {Zhuoruo Zhang and Rui Chang and Mingshuai Chen and Wenbo Shen and Chenyang Yu and He Huang and Qinming Dai and Yongwang Zhao},
  journal= {arXiv preprint arXiv:2209.07936},
  year   = {2025}
}
R2 v1 2026-06-28T01:27:13.472Z