
Checking that functions are constant time with Valgrind (2010)


(01 Apr 2010) Information leaks via timing side channels can be deadly. You can steal RSA keys from other processes on the same host, extract the kernel's dm_crypt keys and steal AES keys over the network.

For a function to be constant time, the branches taken and the memory addresses accessed must be independent of any secret inputs. Because cryptographic functions tend to be unusually straight-line code, a typical input commonly exercises every instruction. So a tool like Valgrind could check all the branches and memory accesses to make sure that they haven't been tainted with secret data.
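The check described above, as an added example that is not code from the original article: it assumes stock Valgrind Memcheck, whose "undefined value" tracking is used here as the taint, and the names `leaky_equal`, `ct_equal` and `demo` and the sample key are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Use Memcheck's client requests when the header is installed; otherwise no-ops. */
#if defined(__has_include)
#  if __has_include(<valgrind/memcheck.h>)
#    include <valgrind/memcheck.h>
#  endif
#endif
#ifndef VALGRIND_MAKE_MEM_UNDEFINED
#  define VALGRIND_MAKE_MEM_UNDEFINED(p, n) ((void)(p), (void)(n))
#  define VALGRIND_MAKE_MEM_DEFINED(p, n)   ((void)(p), (void)(n))
#endif

/* Variable time: returns at the first mismatch, so a branch depends on secret bytes. */
int leaky_equal(const uint8_t *secret, const uint8_t *guess, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (secret[i] != guess[i]) return 0;
    return 1;
}

/* Constant time: no branch or address depends on the data; differences are OR-ed. */
int ct_equal(const uint8_t *secret, const uint8_t *guess, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(secret[i] ^ guess[i]);
    int eq = (int)(1u & (((uint32_t)diff - 1u) >> 8));  /* 1 only when diff == 0 */
    (void)VALGRIND_MAKE_MEM_DEFINED(&eq, sizeof eq);    /* the verdict is public */
    return eq;
}

/* Taint a constructed 16-byte key as secret, run cmp on it, then untaint it. */
typedef int (*cmp_fn)(const uint8_t *, const uint8_t *, size_t);
int demo(cmp_fn cmp, int flip_last) {
    uint8_t key[16], guess[16];
    for (size_t i = 0; i < 16; i++) key[i] = guess[i] = (uint8_t)(i * 7 + 1);
    if (flip_last) guess[15] ^= 1;                      /* wrong in the last byte */
    (void)VALGRIND_MAKE_MEM_UNDEFINED(key, sizeof key); /* secret = "undefined" */
    int r = cmp(key, guess, sizeof key);
    (void)VALGRIND_MAKE_MEM_DEFINED(key, sizeof key);
    return r;
}

int main(void) {
    printf("ct:    %d %d\n", demo(ct_equal, 0), demo(ct_equal, 1));
    printf("leaky: %d %d\n", demo(leaky_equal, 0), demo(leaky_equal, 1));
    return 0;
}
```

Built with `-g` and run under `valgrind`, Memcheck is expected to report "Conditional jump or move depends on uninitialised value(s)" inside `leaky_equal` and nothing for `ct_equal`. The check applies to the compiled binary, so it should be repeated for each compiler and optimisation level that ships.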
