I have a code for polynomial multiplication and it is written in C. I heard that whether a particular instruction is "constant time" can vary by architecture and by processor model and there isn't any official documentation for this behavior. How can I understand if my code is constant time or not?

Note: By "Constant time" I mean a software or code piece that are resistant to timing attacks. I am using UBUNTU on an intel i7 10th generation PC.

CodePudding user response：

This is only a little example, but on one security summer school I have been shown an example of timing attack scenario. It can easily happen when the code performs cryptographic operations only after certain conditions are satisfied. Consider such a snippet:

if (should_encrypt == 1) {
/*Do computationally heavy encryption operations*/
}
 else {
/*Do something else (no encryption)*/
}

Therefore, the attacker can observe the execution time of the program in both scenarios and deduce when the encryption might have happened. By making sure this is not the case in your code, you can protect your program from this particular timing attack vulnerability.

CodePudding user response：

The easiest way is to rewrite the code so that it contains no if statements, no ?: expressions, and no loops that aren't trivially provable to run a constant number of times.

This results in a 100% predictable execution flow through the code; thus the only timing attacks that remain are cache miss attacks (hello spectre) and timing attacks on the execution of a div instruction.