Real-world cryptographic code is often written in a subset of C intended to
execute in constant-time, thereby avoiding timing side channel
vulnerabilities. This C subset eschews structured programming as we know it:
if-statements, looping constructs, and procedural abstractions can leak
timing information when handling sensitive data. The resulting obfuscation
has led to subtle bugs, even in widely-used high-profile libraries like
OpenSSL.
To address the challenge of writing constant-time cryptographic code, we
present FaCT, a crypto DSL that provides high-level but safe language
constructs. The FaCT compiler uses a secrecy type system to automatically
transform potentially timing-sensitive high-level code into low-level,
constant-time LLVM bitcode. We develop the language and type system,
formalize the constant-time transformation, and present an empirical
evaluation that uses FaCT to implement core crypto routines from several
open-source projects including OpenSSL, libsodium, and curve25519-donna. Our
evaluation shows that FaCT's design makes it possible to write
\emph{readable}, high-level cryptographic code, with \emph{efficient},
\emph{constant-time} behavior.
Mon 24 Jun Times are displayed in time zone: Tijuana, Baja California change
10:00 - 11:00: Language Design IIPLDI Research Papers at 224AB Chair(s): Santosh NagarakatteRutgers University, USA | |||
10:00 - 10:20 Talk | CHET: An Optimizing Compiler for Fully-Homomorphic Neural-Network Inferencing PLDI Research Papers Roshan DathathriUniversity of Texas at Austin, USA, Olli Saarikivi, Hao ChenMicrosoft Research, Kim LaineMicrosoft Research, n.n., Kristin LauterMicrosoft Research, n.n., Saeed MalekiMicrosoft Research, Madan MusuvathiMicrosoft Research, Todd MytkowiczMicrosoft Research DOI Pre-print Media Attached | ||
10:20 - 10:40 Talk | Usuba: High-Throughput and Constant-Time Ciphers, by Construction PLDI Research Papers Media Attached | ||
10:40 - 11:00 Talk | FaCT: A DSL for Timing-Sensitive Computation PLDI Research Papers Sunjay CauligiUniversity of California, San Diego, Gary Soeller, Brian JohannesmeyerUniversity of California at San Diego, USA, Fraser BrownStanford University, Riad S. WahbyStanford University, USA, John RennerUniversity of California, San Diego, Benjamin GregoireINRIA, Gilles BartheIMDEA Software Institute, Ranjit JhalaUniversity of California, San Diego, Deian StefanUniversity of California San Diego Media Attached |