- Main
Towards Verified, Constant-Time Floating-Point Operations
- Andrysco, Marc
- Advisor(s): Jhala, Ranjit
Abstract
Floating-point computation exhibits significant runtime variation based on input param-
eters with some inputs executing over 100 times slower. The timing differences are so severe
that attacks have successfully broken privacy guarantees of real systems (e.g. browsers). My
thesis presents a defense against floating-point timing variability called CTFP – Constant-Time
Floating-Point. The CTFP approach avoids all known fast and slow paths by surrounding every
operation with special code that guarantees no dangerous inputs or outputs are observed. CTFP
provides five constant-time implementations that trade-off between performance and correct-
ness. Through these implementations, CTFP provides a principled method for defending against
floating-point timing attacks.
Main Content
Enter the password to open this PDF file:
-
-
-
-
-
-
-
-
-
-
-
-
-
-