Constant-time implementations are a popular approach for defending against cache-timing attacks. It is necessary to verify the resulting executables of such implementations, because the compiler might introduce timing side-channels during code optimization, leaving the program vulnerable even though the source code has no indication of possible timing side-channels. This thesis proposes a novel approach for formally verifying executables to be constant-time, by developing a type system for scVerif's low-level, assembly-like intermediate language, which features explicit leak statements. The resulting type checker can detect timing side-channels for arbitrary leakage models, including data-dependent instruction timings. However, the implemen...
International audienceSoftware-based countermeasures provide effective mitigation against side-chann...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
International audienceTiming attacks are among the most devastating side-channel attacks, allowing r...
Side-channel attacks are an especially dangerous form of attack. In this thesis, we focus on the tim...
Side-channel attacks try to gain information about the secret data in sensitiveprograms through leve...
Les attaques par canaux cachés sont une forme d'attaque particulièrement dangereuse. Dans cette thès...
This paper studies and evaluates the extent to which automated compiler techniques can defend agains...
We provide further evidence that implementing software countermeasures against timing attacks is a n...
This paper studies and evaluates the extent to which automated compiler techniques can defend agains...
International audienceConstant-time programming is an established discipline to secure programs agai...
Abstract. Cache-based attacks are a class of side-channel attacks that are particularly effective in...
International audienceConstant-time programming is an established discipline to secure programs agai...
To be secure, cryptographic algorithms crucially rely on the underlying hardwareto avoid inadvertent...
International audienceCryptographic constant-time (CT) is a popular programming discipline used by c...
International audienceSoftware-based countermeasures provide effective mitigation against side-chann...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
International audienceTiming attacks are among the most devastating side-channel attacks, allowing r...
Side-channel attacks are an especially dangerous form of attack. In this thesis, we focus on the tim...
Side-channel attacks try to gain information about the secret data in sensitiveprograms through leve...
Les attaques par canaux cachés sont une forme d'attaque particulièrement dangereuse. Dans cette thès...
This paper studies and evaluates the extent to which automated compiler techniques can defend agains...
We provide further evidence that implementing software countermeasures against timing attacks is a n...
This paper studies and evaluates the extent to which automated compiler techniques can defend agains...
International audienceConstant-time programming is an established discipline to secure programs agai...
Abstract. Cache-based attacks are a class of side-channel attacks that are particularly effective in...
International audienceConstant-time programming is an established discipline to secure programs agai...
To be secure, cryptographic algorithms crucially rely on the underlying hardwareto avoid inadvertent...
International audienceCryptographic constant-time (CT) is a popular programming discipline used by c...
International audienceSoftware-based countermeasures provide effective mitigation against side-chann...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
International audienceTiming attacks are among the most devastating side-channel attacks, allowing r...