High-Assurance Crypto Software

Explore high-assurance cryptographic software in this 36C3 conference talk. Delve into the challenges of implementing secure cryptographic tools, including software bugs and timing leaks that have compromised various systems. Learn about constant-time software, its importance in preventing timing attacks, and how modern reverse-engineering tools can be leveraged to verify crypto software more easily. Gain insights into the progress and limitations of verified crypto libraries, and understand the need for accelerated advancements in this field. Discover self-contained answers to key questions about timing attacks, constant-time software, and the process of guaranteeing code correctness. Follow along as speakers Daniel J. Bernstein and Tanja Lange cover topics such as square multiply algorithms, constructive approaches, mathematical solutions, proofs, and the limitations of current implementations.