Mon 24 Jun 2019 10:40 - 11:00 at 224AB - Language Design II Chair(s): Santosh Nagarakatte

Real-world cryptographic code is often written in a subset of C intended to
execute in constant-time, thereby avoiding timing side channel
vulnerabilities. This C subset eschews structured programming as we know it:
if-statements, looping constructs, and procedural abstractions can leak
timing information when handling sensitive data. The resulting obfuscation
has led to subtle bugs, even in widely-used high-profile libraries like

To address the challenge of writing constant-time cryptographic code, we
present FaCT, a crypto DSL that provides high-level but safe language
constructs. The FaCT compiler uses a secrecy type system to automatically
transform potentially timing-sensitive high-level code into low-level,
constant-time LLVM bitcode. We develop the language and type system,
formalize the constant-time transformation, and present an empirical
evaluation that uses FaCT to implement core crypto routines from several
open-source projects including OpenSSL, libsodium, and curve25519-donna. Our
evaluation shows that FaCT's design makes it possible to write
\emph{readable}, high-level cryptographic code, with \emph{efficient},
\emph{constant-time} behavior.

Mon 24 Jun

Displayed time zone: Tijuana, Baja California change

10:00 - 11:00
Language Design IIPLDI Research Papers at 224AB
Chair(s): Santosh Nagarakatte Rutgers University, USA
CHET: An Optimizing Compiler for Fully-Homomorphic Neural-Network Inferencing
PLDI Research Papers
Roshan Dathathri University of Texas at Austin, USA, Olli Saarikivi , Hao Chen Microsoft Research, Kim Laine Microsoft Research, n.n., Kristin Lauter Microsoft Research, n.n., Saeed Maleki Microsoft Research, Madan Musuvathi Microsoft Research, Todd Mytkowicz Microsoft Research
DOI Pre-print Media Attached
Usuba: High-Throughput and Constant-Time Ciphers, by Construction
PLDI Research Papers
Darius Mercadier Sorbonne Universités —UPMC Univ Paris 06, Pierre-Evariste Dagand LIP6/CNRS
Media Attached
FaCT: A DSL for Timing-Sensitive Computation
PLDI Research Papers
Sunjay Cauligi University of California, San Diego, Gary Soeller , Brian Johannesmeyer University of California at San Diego, USA, Fraser Brown Stanford University, Riad S. Wahby Stanford University, USA, John Renner University of California, San Diego, Benjamin Gregoire INRIA, Gilles Barthe IMDEA Software Institute, Ranjit Jhala University of California, San Diego, Deian Stefan University of California San Diego
Media Attached