Sat 13 Jan 2018 16:00 - 16:30 at Hershey - Session 3 Chair(s): Lars Birkedal

As ever more applications are designed to run inside browsers and other JavaScript runtime systems, there is an increasing need for cryptographic primitives that can be used client-side. Unfortunately, securely implementing cryptographic primitives in high-level languages is extremely difficult—runtime system components such as garbage collectors and just-in-time compilers can trivially introduce timing leaks in seemingly secure code. We argue that runtime system designs should be rethought with such applications—applications that demand strong guarantees for the executed code—in mind. As a concrete step towards this goal, we propose changes to the recent WebAssembly language and runtime system, supported by modern browsers. Our Constant-Time WebAssembly enables developers to implement crypto algorithms whose security guarantees will be preserved through compiler optimizations and execution in the browser.

Constant-time WebAssembly Presentation (Constant-time WebAssembly(2).pdf)702KiB

Sat 13 Jan
Times are displayed in time zone: Tijuana, Baja California change

16:00 - 18:00: Session 3PriSC at Hershey
Chair(s): Lars BirkedalAarhus University
16:00 - 16:30
Talk
Constant-time WebAssembly
PriSC
John RennerUCSD, Sunjay CauligiUCSD, Deian StefanUniversity of California, San Diego
Pre-print File Attached
16:30 - 17:00
Talk
Per-Thread Compositional Compilation for Confidentiality-Preserving Concurrent Programs
PriSC
Robert SisonData61, CSIRO and UNSW
File Attached
17:00 - 17:30
Talk
On Compositional Compiler Correctness and Fully Abstract Compilation
PriSC
Daniel PattersonNortheastern University, Amal AhmedNortheastern University, USA
File Attached
17:30 - 18:00
Talk
Foundations of Dependent Interoperability
PriSC
Pierre-Evariste DagandLIP6/CNRS , Nicolas TabareauInria, France, Éric TanterUniversity of Chile
Link to publication File Attached