The article introduces a new compiler-verifier suite based on Wasmtime, preserving the constant-time property throughout all optimization passes. This process provides microarchitectural guarantees with the forthcoming ARM PSTATE.DIT feature. The machine code is then verified using Ghidra to check its constant-timeness. The resistance of this compilation and verification against speculative timing leakages such as Spectre is also considered. Furthermore, the authors present a port of FaCT, a constant-time-aware DSL, to target ct-wasm.
Publication date: 24 Nov 2023
Project Page: https://arxiv.org/abs/2311.14246
Paper: https://arxiv.org/pdf/2311.14246
Leave a comment
