Communications of the ACM
Improving Web Security Without Sacrificing Performance
A new programming tool called Vale enables high-performance cryptographic code to be verifiably correct and secure.
Credit: Carnegie Mellon University Electrical and Computer Engineering
Researchers at Carnegie Mellon University (CMU) have developed Vale, a programming tool enabling high-performance cryptographic code to be verifiably correct and secure.
The researchers demonstrated Vale's verification approach on several cryptographic components of the HTTPS ecosystem.
Websites have resisted using verified code in HTTPS because most verified code has performed significantly slower than unverified code.
"Ours was one of the first demonstrations of verified code performing just as fast, or faster, than unverified code," says CMU professor Bryan Parno. "By verified, I mean you actually have a formal mathematical proof that all of the code that makes up these HTTPS components actually meets some high-level security specification."
The researchers also demonstrated the success of the new verification system at proving resilient to timing attacks and memory-access attacks, two of the most common types of side-channel attacks.
However, the team notes Vale is highly dependent on the security specification the developers feed it.
From Carnegie Mellon News
View Full Article
Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA
No entries found