List: oss-security
Subject: Re: [oss-security] Data operand dependent timing on Intel and Arm CPUs
From: Mark Hack <markhack () markhack ! com>
Date: 2023-01-30 19:58:34
Message-ID: 933f5586e2b664ab5fe6a7ce40c741bb92e2e412.camel () markhack ! com
The blinding I have seen was for RSA
https://www.openssl.org/docs/man1.1.1/man3/RSA_blinding_on.html and at
least for ECDSA signatures.

For symmetric keys such as AES which are mostly table lookup and XOR
based, I have not seen any blinding.

Regards
Mark Hack

On Mon, 2023-01-30 at 14:13 -0500, Demi Marie Obenour wrote:
> On Mon, Jan 30, 2023 at 10:43:16AM -0600, Mark Hack wrote:
> > This is a concern, but if you look into the crypto implementations,
> > data blinding is applied to mitigate both instruction and power
> > side channel attacks
>
> Can you provide examples? I have never seen blinding used for
> symmetric cryptography outside of embedded systems.
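
The RSA blinding referred to in the message above, sketched as an added example (not OpenSSL's code and not written by either poster): the private-key exponentiation runs on a freshly randomized operand instead of the caller's input, yet the unblinded result is unchanged. The toy key, the sample message and all function names are assumptions made for illustration; raw RSA without padding is used only to keep the arithmetic visible, and Python's `pow` is not constant-time.

```python
import math
import secrets

# Constructed toy key: two Mersenne primes (far too small for real use).
P, Q = 2**61 - 1, 2**31 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def fresh_blinding_factor():
    """Random r in [2, N-1] that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def sign_unblinded(m):
    """Raw RSA private-key operation: the exponentiation input is m itself."""
    return pow(m, D, N)


def sign_blinded(m, r=None):
    """Same result, but the private exponentiation runs on m * r^E mod N."""
    if r is None:
        r = fresh_blinding_factor()
    blinded = (m * pow(r, E, N)) % N      # hide m behind r^E
    s_blinded = pow(blinded, D, N)        # equals m^D * r mod N
    s = (s_blinded * pow(r, -1, N)) % N   # strip r to recover m^D
    return s, blinded


if __name__ == "__main__":
    m = 0x1234567  # constructed sample message representative
    s1, b1 = sign_blinded(m)
    s2, b2 = sign_blinded(m)
    print("signatures match unblinded:", s1 == s2 == sign_unblinded(m))
    print("exponentiation inputs differ:", b1 != b2)
```

The construction depends on the multiplicative structure of RSA, since (m * r^E)^D = m^D * r mod N, which is why it has no direct counterpart for a table-lookup and XOR cipher such as AES.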