{"id":"https://openalex.org/W2885285030","doi":"https://doi.org/10.1145/3290390","title":"CT-wasm: type-driven secure cryptography for the web ecosystem","display_name":"CT-wasm: type-driven secure cryptography for the web ecosystem","publication_year":2019,"publication_date":"2019-01-02","ids":{"openalex":"https://openalex.org/W2885285030","doi":"https://doi.org/10.1145/3290390","mag":"2885285030"},"language":"en","primary_location":{"id":"doi:10.1145/3290390","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3290390","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3290390","source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3290390","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Conrad Watt","orcid":null},"institutions":[{"id":"https://openalex.org/I241749","display_name":"University of Cambridge","ror":"https://ror.org/013meh722","country_code":"GB","type":"education","lineage":["https://openalex.org/I241749"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Conrad Watt","raw_affiliation_strings":["University of Cambridge, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Cambridge, UK","institution_ids":["https://openalex.org/I241749"]}]},{"author_position":"middle","author":{"id":null,"display_name":"John Renner","orcid":null},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"John Renner","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Natalie Popescu","orcid":null},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Natalie Popescu","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Sunjay Cauligi","orcid":null},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sunjay Cauligi","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"last","author":{"id":null,"display_name":"Deian Stefan","orcid":null},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Deian Stefan","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":4.9166,"has_fulltext":true,"cited_by_count":56,"citation_normalized_percentile":{"value":0.96041196,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":"3","issue":"POPL","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.5831999778747559,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.5831999778747559,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.18209999799728394,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.07639999687671661,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.684499979019165},{"id":"https://openalex.org/keywords/soundness","display_name":"Soundness","score":0.6087999939918518},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.5357000231742859},{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.46050000190734863},{"id":"https://openalex.org/keywords/trusted-computing-base","display_name":"Trusted computing base","score":0.43529999256134033},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.4334999918937683},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.4047999978065491},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.3594000041484833},{"id":"https://openalex.org/keywords/cryptosystem","display_name":"Cryptosystem","score":0.3573000133037567}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8174999952316284},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.684499979019165},{"id":"https://openalex.org/C39920170","wikidata":"https://www.wikidata.org/wiki/Q693083","display_name":"Soundness","level":2,"score":0.6087999939918518},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.5357000231742859},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5336999893188477},{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.46050000190734863},{"id":"https://openalex.org/C147346212","wikidata":"https://www.wikidata.org/wiki/Q5492632","display_name":"Trusted computing base","level":4,"score":0.43529999256134033},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.4334999918937683},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.4047999978065491},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.38519999384880066},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.3594000041484833},{"id":"https://openalex.org/C6295992","wikidata":"https://www.wikidata.org/wiki/Q976521","display_name":"Cryptosystem","level":3,"score":0.3573000133037567},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.35409998893737793},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.3314000070095062},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.33079999685287476},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.3208000063896179},{"id":"https://openalex.org/C17886624","wikidata":"https://www.wikidata.org/wiki/Q1320561","display_name":"Key management","level":3,"score":0.29280000925064087},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2912999987602234},{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.2849000096321106},{"id":"https://openalex.org/C165922616","wikidata":"https://www.wikidata.org/wiki/Q4241181","display_name":"Strong cryptography","level":3,"score":0.2718000113964081},{"id":"https://openalex.org/C32455479","wikidata":"https://www.wikidata.org/wiki/Q506053","display_name":"Kerberos","level":3,"score":0.2696000039577484},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.2687000036239624},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.2687000036239624},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.25760000944137573},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.25690001249313354},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.25600001215934753},{"id":"https://openalex.org/C106251023","wikidata":"https://www.wikidata.org/wiki/Q851989","display_name":"Porting","level":3,"score":0.2540000081062317}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3290390","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3290390","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3290390","source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1808.01348","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1808.01348","pdf_url":"https://arxiv.org/pdf/1808.01348","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3290390","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3290390","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3290390","source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2335238807","display_name":null,"funder_award_id":"EP/K008528","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G4484247140","display_name":"Semantic Foundations for Interactive Programs","funder_award_id":"EP/N02706X/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5860500101","display_name":"REMS: Rigorous Engineering for Mainstream Systems","funder_award_id":"EP/K008528/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G7401479227","display_name":null,"funder_award_id":"EP/K008528/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320306087","display_name":"Semiconductor Research Corporation","ror":"https://ror.org/047z4n946"},{"id":"https://openalex.org/F4320307791","display_name":"Cisco Systems","ror":"https://ror.org/03yt1ez60"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2885285030.pdf","grobid_xml":"https://content.openalex.org/works/W2885285030.grobid-xml"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W101424827","https://openalex.org/W1488058190","https://openalex.org/W1518716055","https://openalex.org/W1557855942","https://openalex.org/W1604937165","https://openalex.org/W1733170706","https://openalex.org/W1763079358","https://openalex.org/W1910751411","https://openalex.org/W1965209910","https://openalex.org/W1980939032","https://openalex.org/W1982065519","https://openalex.org/W2061056245","https://openalex.org/W2061354941","https://openalex.org/W2062340141","https://openalex.org/W2071929572","https://openalex.org/W2100111786","https://openalex.org/W2122049982","https://openalex.org/W2158126684","https://openalex.org/W2402906095","https://openalex.org/W2625141509","https://openalex.org/W2652625053","https://openalex.org/W2745299473","https://openalex.org/W2766052299","https://openalex.org/W2766545755","https://openalex.org/W2767162229","https://openalex.org/W2778960843","https://openalex.org/W2885285030","https://openalex.org/W2886207505","https://openalex.org/W2889582214","https://openalex.org/W2963723316","https://openalex.org/W4214617795","https://openalex.org/W4242640108","https://openalex.org/W4256299095"],"related_works":[],"abstract_inverted_index":{"A":[0],"significant":[1],"amount":[2],"of":[3,43,56,106,154,168,177,212],"both":[4,119],"client":[5],"and":[6,123,164,183,189,231,242,245,257],"server-side":[7],"cryptography":[8,80],"is":[9,118,254],"implemented":[10],"in":[11,116,137],"JavaScript.":[12],"Despite":[13],"widespread":[14],"concerns":[15],"about":[16],"its":[17,32],"security,":[18],"no":[19],"other":[20],"language":[21,61],"has":[22],"been":[23],"able":[24],"to":[25,72,77,98,125,201,208,264],"match":[26],"the":[27,36,40,48,54,57,64,102,148,155,169,210,227,246],"convenience":[28],"that":[29,45,113,191,205,252,260],"comes":[30],"from":[31],"ubiquitous":[33],"support":[34],"on":[35,141],"\"web":[37],"ecosystem\"":[38],"-":[39,239,244],"wide":[41],"variety":[42],"technologies":[44],"collectively":[46],"underpins":[47],"modern":[49],"World":[50],"Wide":[51],"Web.":[52],"With":[53],"introduction":[55],"new":[58],"WebAssembly":[59,92,99],"bytecode":[60],"(Wasm)":[62],"into":[63],"web":[65],"ecosystem,":[66],"we":[67,146,261],"have":[68],"a":[69,74,94,160,184,199],"unique":[70],"opportunity":[71],"advance":[73],"principled":[75],"alternative":[76],"existing":[78,143],"JavaScript":[79],"use":[81],"cases":[82],"which":[83,100],"does":[84],"not":[85],"compromise":[86],"this":[87],"convenience.":[88],"We":[89,173,196,225,250],"present":[90],"Constant-Time":[91],"(CT-Wasm),":[93],"type-driven,":[95],"strict":[96],"extension":[97],"facilitates":[101],"verifiably":[103],"secure":[104,122],"implementation":[105,186],"cryptographic":[107,219,237],"algorithms.":[108],"CT-Wasm's":[109,213],"type":[110,157,162,214],"system":[111,215],"ensures":[112],"code":[114,259],"written":[115],"CT-Wasm":[117,150,200,253],"information":[120],"flow":[121],"resistant":[124],"timing":[126],"side":[127],"channel":[128],"attacks;":[129],"like":[130],"base":[131,222],"Wasm,":[132],"these":[133],"guarantees":[134],"are":[135],"verifiable":[136],"linear":[138],"time.":[139],"Building":[140],"an":[142,179],"Wasm":[144,202,223],"mechanization,":[145],"mechanize":[147],"full":[149,247],"specification,":[151],"prove":[152],"soundness":[153],"extended":[156],"system,":[158],"implement":[159,198],"verified":[161],"checker,":[163],"give":[165],"several":[166,236],"proofs":[167],"language's":[170],"security":[171],"properties.":[172],"provide":[174],"two":[175],"implementations":[176],"CT-Wasm:":[178],"OCaml":[180],"reference":[181],"interpreter":[182],"native":[185],"for":[187,221],"Node.js":[188],"Chromium":[190],"extends":[192],"Google's":[193],"V8":[194],"engine.":[195],"also":[197],"rewrite":[203],"tool":[204],"allows":[206],"developers":[207],"reap":[209],"benefits":[211],"today,":[216],"while":[217],"developing":[218],"algorithms":[220],"environments.":[224],"evaluate":[226],"language,":[228],"our":[229],"implementations,":[230],"supporting":[232],"tools":[233],"by":[234],"porting":[235],"primitives":[238],"Salsa20,":[240],"SHA-256,":[241],"TEA":[243],"TweetNaCl":[248],"library.":[249],"find":[251],"fast,":[255],"expressive,":[256],"generates":[258],"experimentally":[262],"measure":[263],"be":[265],"constant-time.":[266]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":10},{"year":2021,"cited_by_count":15},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":4}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2018-08-22T00:00:00"}