“They're not that hard to mitigate”: What cryptographic library developers think about timing attacks
Timing attacks are among the most devastating side-channel attacks, allowing remote
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
Constantine: Automatic side-channel resistance using efficient control and data flow linearization
In the era of microarchitectural side channels, vendors scramble to deploy mitigations for
transient execution attacks, but leave traditional side-channel attacks against sensitive …
transient execution attacks, but leave traditional side-channel attacks against sensitive …
SoK: Practical foundations for software Spectre defenses
S Cauligi, C Disselkoen, D Moghimi… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
Spectre vulnerabilities violate our fundamental assumptions about architectural abstractions,
allowing attackers to steal sensitive data despite previously state-of-the-art …
allowing attackers to steal sensitive data despite previously state-of-the-art …
A systematic evaluation of automated tools for side-channel vulnerabilities detection in cryptographic libraries
A Geimer, M Vergnolle, F Recoules, LA Daniel… - Proceedings of the …, 2023 - dl.acm.org
To protect cryptographic implementations from side-channel vulnerabilities, developers must
adopt constant-time programming practices. As these can be error-prone, many side …
adopt constant-time programming practices. As these can be error-prone, many side …
Hunting the haunter-efficient relational symbolic execution for spectre with haunted relse
Spectre are microarchitectural attacks which were made public in January 2018. They allow
an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly …
an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly …
Cats vs. spectre: An axiomatic approach to modeling speculative execution attacks
H Ponce-de-León, J Kinder - 2022 IEEE Symposium on …, 2022 - ieeexplore.ieee.org
The SPECTRE family of speculative execution attacks has required a rethinking of formal
methods for security. Approaches based on operational speculative semantics have made …
methods for security. Approaches based on operational speculative semantics have made …
High-assurance cryptography in the spectre era
G Barthe, S Cauligi, B Grégoire… - … IEEE Symposium on …, 2021 - ieeexplore.ieee.org
High-assurance cryptography leverages methods from program verification and
cryptography engineering to deliver efficient cryptographic software with machine-checked …
cryptography engineering to deliver efficient cryptographic software with machine-checked …
Microwalk-CI: Practical side-channel analysis for JavaScript applications
J Wichelmann, F Sieck, A Pätschke… - Proceedings of the 2022 …, 2022 - dl.acm.org
Secret-dependent timing behavior in cryptographic implementations has resulted in
exploitable vulnerabilities, undermining their security. Over the years, numerous tools to …
exploitable vulnerabilities, undermining their security. Over the years, numerous tools to …
[PDF][PDF] “These results must be false”: A usability evaluation of constant-time analysis tools
Cryptography secures our online interactions, transactions, and trust. To achieve this goal,
not only do the cryptographic primitives and protocols need to be secure in theory, they also …
not only do the cryptographic primitives and protocols need to be secure in theory, they also …
{ProSpeCT}: Provably Secure Speculation for the {Constant-Time} Policy
We propose ProSpeCT, a generic formal processor model providing provably secure
speculation for the constant-time policy. For constant-time programs under a non …
speculation for the constant-time policy. For constant-time programs under a non …