definitely like the idea of the language keyword for secrecy. I hope some languages choose to do that.
https://twitter.com/feministPLT/status/1195082918315646976 … (Noether was never implemented, but I intend to get back to it in the not-too-distant future.)
IMO until CPUs have a means to provide guaranteed deterministic timing for a certain code path (specified in the ISA to be constant time even on future uarches) we're going to be chasing side channel issues at all levels of the HW/SW stack.
The only way I'm aware of to be *certain* there are no timing side channels is to implement the relevant crypto functionality in a HDL and compile to ASIC gates or FPGA LUTs, with cycle-accurate deterministic timing.
Nice! We were working on a simple translation validation checker that you can run between passes to make sure that secret things are not suddenly used in branches or memory indexes. Having secret annotations in LLVM would be great! (I’m more worried about lowering to x86 though.)
Deterministic CPUs are entirely possible (Qualcomm now own this design). We had designed this one to allow software to meet precise hardware timing specs and had hard real-time scheduling of the pipeline (including branches): http://www.texim-europe.com/getfile.aspx?id=68543 …
Does any other compiler? Using == is known to be bad for side channel resistance... (Though I totally agree we need better tooling)
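The point in the reply above, that `==` (or any compare that stops at the first differing byte) leaks the length of the matching prefix through timing, as an added C example that is not from this thread or from any of the participants' projects. The 16-byte "secret tag" and the guesses are constructed here; the loop-iteration counter stands in for a cycle measurement so the leak is visible without noisy timing code. The branch-free `ct_select` at the end shows the same idea applied to a secret-dependent `?:`, which is the other pattern a secret-annotation check would flag.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16

/* Constructed sample secret (e.g. a MAC tag). Not from the thread. */
static const uint8_t SECRET_TAG[TAG_LEN] = {
    0x9f, 0x11, 0x3a, 0xc4, 0x57, 0x02, 0xee, 0x81,
    0x6d, 0xb0, 0x29, 0xf3, 0x4c, 0xd8, 0x75, 0x1e
};

/* Leaky reference: returns at the first differing byte, so the number of
 * iterations (and therefore the time taken) reveals how many leading bytes
 * of the guess matched the secret. `iters` counts loop iterations. */
int naive_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *iters)
{
    size_t count = 0;
    for (size_t i = 0; i < n; i++) {
        count++;
        if (a[i] != b[i]) {          /* branch on secret-derived data */
            if (iters) *iters = count;
            return 0;
        }
    }
    if (iters) *iters = count;
    return 1;
}

/* Constant-time comparison: ORs every byte difference into an accumulator
 * and only inspects the result after the loop. Control flow and memory
 * addresses depend on n (public), never on the contents of a or b. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *iters)
{
    volatile uint8_t diff = 0;       /* volatile discourages the compiler from
                                        re-introducing an early exit */
    size_t count = 0;
    for (size_t i = 0; i < n; i++) {
        count++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    if (iters) *iters = count;
    /* Fold the 8-bit accumulator to 0/1 without a branch: in 32-bit
     * arithmetic ((diff - 1) >> 8) & 1 is 1 exactly when diff == 0. */
    return (int)((((uint32_t)diff - 1u) >> 8) & 1u);
}

/* Branch-free select: x when cond == 1, y when cond == 0. Replaces
 * "cond ? x : y", which a compiler may lower to a conditional jump. */
uint32_t ct_select(uint32_t cond, uint32_t x, uint32_t y)
{
    uint32_t mask = (uint32_t)0 - (cond & 1u);   /* 0xFFFFFFFF or 0 */
    return (x & mask) | (y & ~mask);
}

typedef int (*cmp_fn)(const uint8_t *, const uint8_t *, size_t, size_t *);

/* Build a guess sharing `prefix` leading bytes with SECRET_TAG (a full match
 * when prefix >= TAG_LEN) and report how many iterations `cmp` ran. */
static size_t iters_for_prefix(size_t prefix, cmp_fn cmp)
{
    uint8_t guess[TAG_LEN];
    size_t iters = 0;
    memcpy(guess, SECRET_TAG, TAG_LEN);
    if (prefix < TAG_LEN)
        guess[prefix] ^= 0xff;       /* first mismatch at index `prefix` */
    (void)cmp(SECRET_TAG, guess, TAG_LEN, &iters);
    return iters;
}

size_t naive_iters_for_prefix(size_t prefix) { return iters_for_prefix(prefix, naive_equal); }
size_t ct_iters_for_prefix(size_t prefix)    { return iters_for_prefix(prefix, ct_equal); }

int main(void)
{
    printf("prefix  naive_iters  ct_iters\n");
    for (size_t p = 0; p <= TAG_LEN; p += 4)
        printf("%6zu  %11zu  %8zu\n", p,
               naive_iters_for_prefix(p), ct_iters_for_prefix(p));
    return 0;
}
```

The naive column grows with the matched prefix, which is exactly the oracle a byte-at-a-time tag-forgery attack needs; the constant-time column is flat. Note that `volatile` and the mask tricks are conventions, not guarantees: without the kind of secret annotation the thread is asking for, the only way to be sure is to inspect the emitted machine code for the target.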