You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Following up on this: https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/hqbtIGFKIpU, we should re-examine the way we write secret-independent code and we should also check the resulting binary code to see whether the compiler has optimized away from the constant time code or deviated in any other way from our intentions.
We could mark any function that is intended to produce a mask in constant time as "never inline".
Following up on this: https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/hqbtIGFKIpU, we should re-examine the way we write secret-independent code and we should also check the resulting binary code to see whether the compiler has optimized away from the constant time code or deviated in any other way from our intentions.
We could mark any function that is intended to produce a mask in constant time as "never inline".
We could also run checks on the resulting binary using https://github.com/rozbb/dudect-bencher. Perhaps we could mimic a TIMECOP like checking approach using Miri and https://doc.rust-lang.org/nomicon/leaking.html.
The text was updated successfully, but these errors were encountered: