Constant-time support coming to LLVM: Protecting cryptographic code
- Trail of Bits introduces constant-time coding support for LLVM 21 to protect cryptographic code from timing attacks.
- New __builtin_ct_select intrinsics ensure constant-time properties are preserved during compilation, preventing optimization-induced vulnerabilities.
- Compilers often break constant-time guarantees by optimizing cryptographic code into vulnerable, branch-dependent versions.
- The solution works across architectures (x86-64, ARM, etc.), using platform-specific instructions like cmov or CSEL for constant-time execution.
- Community engagement includes feedback from cryptographic libraries and compiler developers, with plans for Rust and Swift adoption.
- Benchmarking shows minimal performance overhead while maintaining 100% constant-time property preservation.
- Future roadmap includes additional intrinsics for arithmetic and string operations, and broader language support.
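
The points above about branch-dependent code and constant-time selection, as an added C example that is not code from the original post or from LLVM. It contrasts a branchy select with the hand-written mask idiom and uses the latter for a table lookup on a secret index; all function names and the sample table are constructed for illustration. The mask idiom is exactly the kind of source pattern an optimizer is free to turn back into a branch, which is the gap an intrinsic such as __builtin_ct_select is meant to close.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data, not taken from the page. */
const uint64_t SAMPLE_TABLE[4] = {0x1111, 0x2222, 0x3333, 0x4444};

/* Branchy select: which path runs depends on the secret condition,
   so execution time can reveal it. */
uint64_t leaky_select(int cond, uint64_t a, uint64_t b) {
    if (cond) return a;
    return b;
}

/* Branchless select at the source level: mask is all-ones when
   cond != 0 and all-zeros otherwise. The C standard does not forbid
   a compiler from recognizing this and emitting a branch instead. */
uint64_t ct_select_u64(uint64_t cond, uint64_t a, uint64_t b) {
    uint64_t nz = (cond | ((uint64_t)0 - cond)) >> 63; /* 1 if cond != 0 */
    uint64_t mask = (uint64_t)0 - nz;
    return (a & mask) | (b & ~mask);
}

/* Returns 1 if x == y, else 0, computed without a comparison branch. */
uint64_t ct_eq_u64(uint64_t x, uint64_t y) {
    uint64_t d = x ^ y;
    return 1 ^ ((d | ((uint64_t)0 - d)) >> 63);
}

/* Lookup with a secret index: every entry is read on every call, so
   the memory access pattern does not depend on secret_idx.
   An out-of-range index yields 0. */
uint64_t ct_lookup(const uint64_t *table, size_t n, uint64_t secret_idx) {
    uint64_t result = 0;
    for (size_t i = 0; i < n; i++)
        result = ct_select_u64(ct_eq_u64((uint64_t)i, secret_idx),
                               table[i], result);
    return result;
}

int main(void) {
    printf("%#llx\n", (unsigned long long)ct_lookup(SAMPLE_TABLE, 4, 2));
    return 0;
}
```

Whether the compiled output is still branch-free has to be checked in the generated assembly for each compiler version and optimization level.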