Sat 13 Jan 2018 16:00 - 16:30 at Hershey - Session 3 Chair(s): Lars Birkedal

As ever more applications are designed to run inside browsers and other JavaScript runtime systems, there is an increasing need for cryptographic primitives that can be used client-side. Unfortunately, securely implementing cryptographic primitives in high-level languages is extremely difficult—runtime system components such as garbage collectors and just-in-time compilers can trivially introduce timing leaks in seemingly secure code. We argue that runtime system designs should be rethought with such applications—applications that demand strong guarantees for the executed code—in mind. As a concrete step towards this goal, we propose changes to the recent WebAssembly language and runtime system, supported by modern browsers. Our Constant-Time WebAssembly enables developers to implement crypto algorithms whose security guarantees will be preserved through compiler optimizations and execution in the browser.

Constant-time WebAssembly Presentation (Constant-time WebAssembly(2).pdf)702KiB

Sat 13 Jan

16:00 - 18:00: PriSC 2018 - Session 3 at Hershey
Chair(s): Lars BirkedalAarhus University
prisc-2018151585560000016:00 - 16:30
John RennerUCSD, Sunjay CauligiUCSD, Deian StefanUniversity of California, San Diego
Pre-print File Attached
prisc-2018151585740000016:30 - 17:00
Robert SisonData61, CSIRO and UNSW
File Attached
prisc-2018151585920000017:00 - 17:30
Daniel PattersonNortheastern University, Amal AhmedNortheastern University, USA
File Attached
prisc-2018151586100000017:30 - 18:00
Pierre-Evariste DagandLIP6/CNRS , Nicolas TabareauInria, France, Éric TanterUniversity of Chile
Link to publication File Attached