During the last 15 years, constant-time cryptographic software has transitioned from an academic construct to a concrete security requirement for real-world libraries. From the engineering perspective, we have quality sets of programming guidelines for avoiding the pitfalls that lead to security advisories and immense downstream effort to patch fielded systems. We even have automated tools to assist in the development and testing processes. Yet timing-related security advisories persist: Why? This talk covers over a decade of timing attacks and mitigations against OpenSSL, one of the most deployed and security-critical free and open source software libraries. The focus is on mitigation engineering challenges across a large, necessarily stable monolithic codebase over time, looking at why the cryptographer’s mantra “just make it constant time” is often harder than it seems for established software projects.

Seminar by Billy Bob Brumley at ITEFI on May 11, 2023.


A native Texan, Bill Brumley is a Professor in the Computing Sciences Department at Tampere University, Finland, where he leads the Network and Information Security (NISEC) group. He is a 2018 European Research Council (ERC) Starting Grant Laureate. He is a former Staff Engineer for Qualcomm’s Product Security Initiative (QPSI) in San Diego, California. He received his doctorate from Aalto University (Helsinki, Finland) in 2012. He specializes in system security, cryptography engineering, and side-channel analysis.


