Litcius/Paper detail

Enforcing Fine-grained Constant-time Policies

Basavesh Ammanaghatta Shivakumar, Gilles Barthe, Benjamin Grégoire, Vincent Laporte, Swarn Priya

2022Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security12 citationsDOIOpen Access PDF

Abstract

Cryptographic constant-time (CT) is a popular programming discipline used by cryptographic libraries to protect themselves against timing attacks. The CT discipline aims to enforce that program execution does not leak secrets, where leakage is defined by a formal leakage model. In practice, different leakage models coexist, sometimes even within a single library, both to reflect different architectures and to accommodate different security-efficiency trade-offs.

Topics & Concepts

CryptographyComputer scienceLeakage (economics)Constant (computer programming)Information leakageComputer securityCryptographic protocolEmbedded systemDistributed computingProgramming languageEconomicsMacroeconomicsSecurity and Verification in ComputingCryptographic Implementations and SecurityCryptography and Data Security