[curves] Summary of ECC 2015 Workshop
dfaranha at gmail.com
Thu Oct 1 14:29:52 PDT 2015
Have you tried FlowTracker?
It does something very similar to what you describe at compiled-code level
by using LLVM, and can be used offline as well.
Feedback is welcome!
Diego de Freitas Aranha
Institute of Computing - University of Campinas
On Thu, Oct 1, 2015 at 6:25 PM Gregory Maxwell <gmaxwell at gmail.com> wrote:
> On Thu, Oct 1, 2015 at 5:48 PM, Trevor Perrin <trevp at trevp.net> wrote:
> > Great report by Steven Galbraith on last week's workshop (plus a panel
> > transcript!), and link to the slides. Lots of good reading:
> "Peter Schwabe gave a stimulating talk about the problem of using
> automated tools to prove the correctness and security of crypto
> software. He demonstrated how the valgrind profiling tool can be used
> on real crypto code, but emphasised that such tools create a massive
> overhead for software developers."
> I'm interested in this-- in libsecp256k1 in the past we've used
> valgrind by setting secret data to 'uninitialized' with the memcheck
> macros and then valgrind whines about conditional branches on the
> secret data. This is far from complete, but not bad automated backstop
> on boneheaded mistakes. I'm wondering if it was just something like
> this, or something somewhat more advanced?
> In theory valgrind could be instrumented to catch any leak-prone
> operations on secret data this way... but creating a new valgrind
> checker is a somewhat daunting prospect.
> Curves mailing list
> Curves at moderncrypto.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Curves