Run valgrind-based constant-time tests in CI #462

Open
mkannwischer opened this issue Nov 30, 2024 · 0 comments

@mkannwischer
Contributor

#460 hardened the functions in verify.c that have to be constant time to avoid timing attacks.
We should test that this code (and all other code in mlkem-native operating on secrets) is actually constant time.

I propose we use the standard valgrind-based constant-time tests with the patch from https://kyberslash.cr.yp.to/papers.html for detecting secret-dependent divisions.
This should be run in CI for as many compilers as possible with as many flag combinations as possible.

@hanno-becker hanno-becker added this to the next milestone Dec 2, 2024
@mkannwischer mkannwischer added enhancement New feature or request priority-high labels Dec 3, 2024
@mkannwischer mkannwischer self-assigned this Dec 4, 2024
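
A minimal sketch of the valgrind-based check proposed in the issue, added here as an illustration and not taken from mlkem-native or its CI: the secret input is marked undefined so that memcheck reports any branch that depends on it. The names `ct_verify`, `leaky_verify` and `check_compare` are hypothetical stand-ins, and the no-op macro fallback assumes the valgrind headers may be missing on the build host.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Memcheck client requests; no-op fallbacks where the valgrind headers are absent. */
#if defined(__has_include)
#if __has_include(<valgrind/memcheck.h>)
#include <valgrind/memcheck.h>
#define HAVE_MEMCHECK 1
#endif
#endif
#ifndef HAVE_MEMCHECK
#define VALGRIND_MAKE_MEM_UNDEFINED(p, n) ((void)(p), (void)(n))
#define VALGRIND_MAKE_MEM_DEFINED(p, n) ((void)(p), (void)(n))
#endif

typedef uint8_t (*cmp_fn)(const uint8_t *, const uint8_t *, size_t);

/* Hypothetical constant-time compare: 0 if equal, 1 otherwise, no branch on data. */
static uint8_t ct_verify(const uint8_t *a, const uint8_t *b, size_t len) {
    uint8_t r = 0;
    for (size_t i = 0; i < len; i++) r |= (uint8_t)(a[i] ^ b[i]);
    return (uint8_t)((0 - (uint64_t)r) >> 63);
}

/* Hypothetical leaky compare: the early exit branches on secret bytes. */
static uint8_t leaky_verify(const uint8_t *a, const uint8_t *b, size_t len) {
    for (size_t i = 0; i < len; i++) if (a[i] != b[i]) return 1;
    return 0;
}

/* Mark the secret undefined, run the compare, then declassify the result.
 * Memcheck flags any conditional jump that depends on the undefined bytes. */
static int check_compare(cmp_fn f, const uint8_t *secret, const uint8_t *pub, size_t len) {
    uint8_t s[64], r;
    if (len > sizeof s) return -1;
    memcpy(s, secret, len);
    VALGRIND_MAKE_MEM_UNDEFINED(s, len);
    r = f(s, pub, len);
    VALGRIND_MAKE_MEM_DEFINED(&r, sizeof r);
    return r;
}

int main(int argc, char **argv) {
    /* Constructed sample inputs. Run as: valgrind --error-exitcode=1 ./ct_test [leaky] */
    const uint8_t sk[4] = {1, 2, 3, 4}, ct[4] = {1, 2, 3, 5};
    cmp_fn f = (argc > 1 && strcmp(argv[1], "leaky") == 0) ? leaky_verify : ct_verify;
    printf("differs=%d\n", check_compare(f, sk, ct, sizeof sk));
    return 0;
}
```

Run with the `leaky` argument under valgrind, memcheck reports a conditional jump that depends on uninitialised values and `--error-exitcode=1` turns that into a failing exit status. Whether the branch-free variant stays clean for a given compiler and flag set is what such a CI job would check.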