Making machine learning accessible across disciplines
Machine learning has been driving research breakthroughs in many fields. Now there is an open source curriculum designed to help non-specialists build the skills they need to use it. Machine learning is an increasingly important competency in a growing number of...The need for constant-time cryptography
Timing attacks have been used successfully against a variety of popular encryption techniques, but they can be prevented with consistent use of constant-time code practice. Cryptography provides privacy for millions of people, whether by ensuring end-to-end encrypted...Creating a Linux-based unikernel
Is there a way to gain the performance benefits of a unikernel without severing it from an existing general-purpose code base? Boston University professors, BU PhD students, and Red Hat engineers at the Red Hat Collaboratory at Boston University are getting close to...Let’s help more programmers get into the groove
This notion of time is what struck me as so interesting about this issue’s feature on constant-time cryptography. It turns out that a crypto implementation whose execution time varies depending on what you feed to it is inherently leaky. By looking at the inputs to a non-constant-time crypto function, an attacker can infer enough about the secret key the function depends on to guess the key, often trivially. Like a drummer who gets distracted by a solo and rushes or drags the time, the crypto function reflects back information about the secret it is protecting.