Microsoft Is Using AI Agents to Mathematically Prove Its Encryption Code Has No Flaws

The team behind Windows and Azure's cryptography library is doing something unusual: not just testing the code, but proving it correct, for every possible input, using formal mathematical proofs written partly by AI.

AI2Day Newsdesk· 3 min read
Full-frame edge-to-edge photoreal close-up of a server motherboard UEFI firmware chip under cool blue rack lighting, shallow depth of field, faint amber glow fr
Share

Key points

  • Microsoft's SymCrypt library, the cryptography engine used in Windows and Azure, is being formally verified using a toolchain combining Rust, Lean, and Aeneas as of mid-2024.
  • The first verified algorithms released are SHA-3, a standard for creating digital fingerprints of data, and ML-KEM, a post-quantum encryption scheme designed to resist attacks from future quantum computers.
  • AI agents, software that can carry out multi-step tasks on its own, are writing mathematical proof steps that human engineers then review and check independently.
  • Microsoft open-sourced the verified code, specifications, and proofs in a public branch of SymCrypt, making the work available for outside review.
  • Future algorithms planned for the same treatment include AES-GCM, FrodoKEM, and ML-DSA, all of which protect data in Windows and Linux today.

Cryptographic code, the software that scrambles and protects data across every app, browser, and operating system, is notoriously unforgiving. One missed bounds check, meaning a failure to confirm that a number stays within a safe range, can crack open security that looks sound on the surface. Testing catches many bugs. It does not catch all of them.

Microsoft Research has been working on a different approach: proving the code is correct, mathematically, before it ships.

The project centres on SymCrypt, Microsoft's open-source cryptographic library that runs inside Windows and Azure Linux. Engineers are now writing new cryptographic algorithms in Rust, a programming language that rules out whole families of memory-safety errors by design. They then run those Rust programs through a tool called Aeneas, which translates the code into a form that a proof assistant called Lean can reason about.

Lean is not a chatbot. It is a formal proof framework, software that checks mathematical arguments the way a calculator checks arithmetic, except it checks proofs, and it never makes arithmetic mistakes.

The goal is to produce a theorem: for every valid input, this implementation returns exactly the result the published standard says it should. Not usually. Always.

The first public release covers SHA-3, a standard algorithm for creating a unique digital fingerprint of any piece of data, and ML-KEM, a post-quantum key exchange scheme. Post-quantum cryptography means algorithms built to stay secure even against quantum computers, machines that could break many of today's encryption methods.

How does AI fit into a mathematical proof?

Writing formal proofs is slow. That is where AI agents come in.

Agents handle the repetitive middle steps, drafting proof fragments that connect intermediate results. Human engineers focus on the parts that require real judgment: checking that the formal specification actually matches what the published standard says, and reviewing the high-level properties the code must satisfy. The proof-checking itself is fully automated and deterministic, which means the machine either accepts the proof or rejects it. There is no room for the agent to bluff.

Microsoft describes this as a clean split: agents write, humans review, the proof checker decides.

For people who use Windows, Azure, or any service that relies on Microsoft's security stack, the practical meaning is straightforward. The encryption protecting your files, your cloud data, and your logins is being held to a higher standard than testing alone can provide. If the proofs pass, the code does exactly what the standard requires.

The open-sourced branch lets outside researchers inspect both the Rust code and the proofs side by side, so the claims are not just Microsoft's word.

Watch for: announcements of formally verified builds reaching stable Windows releases, and whether other cryptography libraries adopt similar AI-assisted proof workflows. That would mark a real shift in how the industry thinks about software correctness.

© 2026 AI2Day