https://stackoverflow.com/questions/23084610
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianSide channel attacks are for instance timing attacks, e.g. you can get information about the secrets by measuring timing differences when using different inputs. It is already hard to do this right in a low level language like C where you have lots of control about processor instructions, cache handling, compiler optimizations etc. It is much harder to do this correctly in higher level languages - and be still efficient enough to be usable in real-world applications.
Had a verified SSL/TLS implementation in a 'safe language' would it still have been vulnerable be to the heartbleed attack? [closed]
Question
Here the author makes the claim:
Formalizing the TLS specification and proving that an implementation is consistent with it only shows that the implementation is logically correct. However, it does NOT show that the implementation is secure. Your implementation can be vulnerable to side-channel attacks (particularly timing attacks) while still being logically correct.
My question is: Had a verified SSL/TLS implementation in a 'safe language' (ie Haskell, Idris) or checked with a theorem prover (Coq,Agda) would it still have been vulnerable be to the heartbleed attack?
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
