Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

FaCT - A New Language for Constant-Time Programming

Strange Loop Conference via YouTube

Overview

Explore the challenges of implementing secure cryptographic algorithms and learn about FaCT, a new domain-specific language designed for constant-time programming. Delve into the complexities of writing crypto code that doesn't leak sensitive information, and discover how FaCT addresses these issues by allowing developers to use high-level language constructs while compiling to constant-time assembly. Examine the integration of FaCT into major projects like OpenSSL, libsodium, and mbedtls, as well as languages such as C, Python, and Haskell. Gain insights into timing side channels, cryptographic padding, and the intricacies of constant-time coding through practical examples. Understand the importance of labels in preventing information leakage, the automatic code transformations performed by FaCT, and the verification process for constant-time code. Analyze performance metrics and user study results, and consider future directions for this innovative approach to cryptographic programming.

Syllabus

Intro
Timing side channels
Cryptographic padding
Constant-time coding example
Padding removal: 1st try
Writing constant-time code is hard
Error-prone in practice
What does Fact look like?
Labels ensure no leakage
Automatically transform code
Transformations are tricky
Verifying constant-time code
Interoperate with external code
Performance numbers
User study results
Future directions

Taught by

Strange Loop Conference

Reviews

Start your review of FaCT - A New Language for Constant-Time Programming

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.