Curry and TARTS: A new technique for avoiding side-channel attacks on cryptosystems

Presented at THOTCON 0x6 (2015), May 14, 2015, noon (25 minutes)

Timing attacks are a huge problem for modern cryptosystems, having been successfully employed against AES, SSL, RSA, and many other cryptosystems we depend on to be secure. This talk presents a new method for writing code that is provably resistant to timing attacks using concepts from functional programming and type theory. This talk will go over some interesting pieces of math, crypto, and type theory and end up with a proof-of-concept provably constant-time program.


Presenters:

  • JP Smith
    JP is a student from Normal, Illinois. He is interested in the intersection of math, computer science, and security, especially areas like machine learning, cryptography, and functional programming. JP is heavily involved with Illinois State University's campus security club, ISUSEC, and is passionate about both learning and teaching new things, in security and otherwise. In his free time, he enjoys camping, biking, reading, and general adventures.
