YoVDO

Non-Crypto Constant-Time Coding

Offered By: NorthSec via YouTube

Tags

NorthSec Courses C Programming Courses Secure Coding Practices Courses Cache Attacks Courses

Course Description

Overview

Explore cache attacks, SGX technology, and constant-time coding techniques in this 33-minute conference talk by Thomas Pornin at NorthSec. Gain insights into side-channel attacks that have been exploited since 2005 to compromise cryptographic algorithm implementations. Discover how these vulnerabilities extend beyond cryptography, potentially affecting any system handling confidential data in certain contexts. Learn about the SGX technology and its role in creating a environment where all enclave code must be fortified against cache attacks. Examine a toolkit of C functions designed to facilitate the development of generic, non-crypto constant-time code, enhancing overall system security.

Syllabus

Thomas Pornin - Non-Crypto Constant-Time Coding


Taught by

NorthSec

Related Courses

Pseudorandom Black Swans: Cache Attacks on CTR_DRBG
TheIACR via YouTube When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Black Hat via YouTube Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
IEEE via YouTube NetCAT - Practical Cache Attacks from the Network
IEEE via YouTube The 9 Lives of Bleichenbacher's CAT - New Cache Attacks on TLS Implementations
IEEE via YouTube