ppad substratum rules
out timing attacks statically, from the compiled assembly, so you
can be certain that sensitive cryptographic code contains
no surprises.
-
Deterministic non-constant-time analysis.
Flag variable-time instructions and secret-dependent branches &
addresses, statically.
-
Supports major ISAs and runtimes.
Analyze aarch64, x86-64, and riscv64 procured from either
compilation or disassembly. Awareness of e.g. Rust,
Go, and GHC runtime patterns limits runtime-specific false
positives.
-
High-performance and scalable.
Easily handle millions of lines of assembly in CI on
resource-constrained runners.
substratum has been tested against standard
Rust and
Go cryptography corpora, and
is used to help verify the
ppad cryptography stack.
Get in touch for queries,
pricing, and sales.