Explore cache attacks, SGX technology, and constant-time coding techniques in this 33-minute conference talk by Thomas Pornin at NorthSec. Gain insights into side-channel attacks that have been exploited since 2005 to compromise cryptographic algorithm implementations. Discover how these vulnerabilities extend beyond cryptography, potentially affecting any system handling confidential data in certain contexts. Learn about the SGX technology and its role in creating a environment where all enclave code must be fortified against cache attacks. Examine a toolkit of C functions designed to facilitate the development of generic, non-crypto constant-time code, enhancing overall system security.
Overview
Syllabus
Thomas Pornin - Non-Crypto Constant-Time Coding
Taught by
NorthSec
Related Courses
-
Verifying and Synthesizing Constant-Resource Implementations with Types
-
When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
-
FaCT - A New Language for Constant-Time Programming
-
High-Assurance Crypto Software
-
Gaussian Sampling over the Integers - Efficient, Generic, Constant Time
-
Efficient Relational Symbolic Execution for Constant-Time at Binary-Level
