Researchers from the University of California and the University of Cambridge have come up with Constant-Time WebAssembly (CT-Wasm), the details of which are shared in their paper: CT-Wasm: Type-Driven Secure Cryptography for the Web Ecosystem in December. It is a type-driven, strict extension to WebAssembly, which aims to address the state of cryptography in the web ecosystem.
Why CT-Wasm is introduced?
Side channels: While implementing a cryptography algorithm, the functional correctness is not the only concern. It is also important to ensure the properties of information flow that take into account the existence of side channels. For instance, an attacker can use the duration of the computation as a side channel. They can compare different executions to find out which program paths were used and work backward to determine information about secret keys and messages.
- It has a strong, static type system, and principled designed.
- It uses a formal small-step semantics and a well-typed Wasm program enjoys standard progress and preservation properties.
For more details, read the paper: CT-Wasm: Type-Driven Secure Cryptography for the Web Ecosystem.