Theses

Verifying constant-time implementations in a verified compilation toolchain

Alix Trieu

Abstract: Side-channel attacks are an especially dangerous form of attack. In this thesis, we focus on the timing side channel. A program is said to be constant-time if it is not vulnerable to timing attacks. We present two methods relying on static analysis to ensure that a program is constant-time. These methods use formal verification to gain the highest possible level of assurance, relying on a verified compilation toolchain made up of the CompCert compiler and the Verasco static analyzer. We also propose a proof methodology to ensure that a compiler preserves constant-time security during compilation.
Cited literature: 78 references

https://hal.inria.fr/tel-01944510
Contributor: Abes Star
Submitted on: Monday, June 17, 2019 - 9:53:08 AM
Last modification on: Thursday, February 27, 2020 - 1:05:34 AM

File

TRIEU_Alix.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: tel-01944510, version 3

Citation

Alix Trieu. Verifying constant-time implementations in a verified compilation toolchain. Cryptography and Security [cs.CR]. Université Rennes 1, 2018. English. ⟨NNT: 2018REN1S099⟩. ⟨tel-01944510v3⟩

Metrics

Record views: 196
File downloads: 509