The constant-time discipline is a software-based countermeasure used for protecting high assurance cryptographic implementations against timing side-channel attacks. Constant-time is effective (it protects against many known attacks), rigorous (it can be formalized using program semantics), and amenable to automated verification. Yet, the advent of micro-architectural attacks makes constant-time as it exists today far less useful. This paper lays foundations for constant-time programming in the presence of speculative and out-of-order execution. We present an operational semantics and a formal definition of constant-time programs in this extended setting. Our semantics eschews formalization of microarchitectural features (that are instead a...
Constant-time programming is an established discipline to secure programs agai...
To be secure, cryptographic algorithms crucially rely on the underlying hardware to avoid inadvertent...
Constant-time implementations are a popular approach for defending against cache-timing attacks. It ...
Side-channel attacks try to gain information about the secret data in sensitive programs through leve...
Cryptographic constant-time (CT) is a popular programming discipline used by c...
Side-channel attacks are an especially dangerous form of attack. In this thesis, we focus on the tim...
The constant-time programming discipline is an effective countermeasure against timing attacks, whic...
Timing attacks are among the most devastating side-channel attacks, allowing r...
Side-channel attacks are a particularly dangerous form of attack. In this thes...
The current gold standard of cryptographic software is to write efficient libr...
Timing side-channels are arguably one of the main sources of vulnerabilities i...
Abstract. Cache-based attacks are a class of side-channel attacks that are particularly effective in...
Cache-based attacks are a class of side-channel attacks that are particularly ...