Multi-processor systems are vulnerable to hardware supply-chain attacks—including chip substitution and man-in-the-middle (MitM) attacks—due to the absence of processor identity authentication during boot, thereby compromising secure boot integrity. This paper proposes the first formally verified processor authentication protocol for the boot phase, enabling fine-grained processor identity verification in multi-processor secure boot. We conduct full mechanized security verification in Isabelle/HOL, establishing 306 lemmas and theorems (≈7,100 lines of code), rigorously proving functional correctness and resilience against substitution, MitM, and certificate tampering attacks. A prototype implementation demonstrates negligible overhead while achieving efficient detection of boot-time attacks. Our approach significantly enhances the boot-time security assurance of multi-processor systems.

Hardware supply-chain attacks are raising significant security threats to the boot process of multiprocessor systems. This paper identifies a new, prevalent hardware supply-chain attack surface that can bypass multiprocessor secure boot due to the absence of processor-authentication mechanisms. To defend against such attacks, we present PA-Boot, the first formally verified processor-authentication protocol for secure boot in multiprocessor systems. PA-Boot is proved functionally correct and is guaranteed to detect multiple adversarial behaviors, e.g., processor replacements, man-in-the-middle attacks, and tampering with certificates. The fine-grained formalization of PA-Boot and its fully mechanized security proofs are carried out in the Isabelle/HOL theorem prover with 306 lemmas/theorems and ~7,100 LoC. Experiments on a proof-of-concept implementation indicate that PA-Boot can effectively identify boot-process attacks with a considerably minor overhead and thereby improve the security of multiprocessor systems.