Bitcoin Forum
August 19, 2017, 05:21:34 AM *
News: Latest stable version of Bitcoin Core: 0.14.2  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Mental note: ensure EC crypto is not susceptible to side channel attacks  (Read 1106 times)
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526


View Profile
February 25, 2011, 10:18:36 AM
 #1

For people working on mobile clients:

   http://threatpost.com/en_us/blogs/attack-can-extract-crypto-keys-mobile-device-signals-021611

OpenSSL has apparently been balanced to try and avoid this type of attack. I don't know about crypto++ or Bouncy Castle.
1503120094
Hero Member
*
Offline Offline

Posts: 1503120094

View Profile Personal Message (Offline)

Ignore
1503120094
Reply with quote  #2

1503120094
Report to moderator
1503120094
Hero Member
*
Offline Offline

Posts: 1503120094

View Profile Personal Message (Offline)

Ignore
1503120094
Reply with quote  #2

1503120094
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1503120094
Hero Member
*
Offline Offline

Posts: 1503120094

View Profile Personal Message (Offline)

Ignore
1503120094
Reply with quote  #2

1503120094
Report to moderator
1503120094
Hero Member
*
Offline Offline

Posts: 1503120094

View Profile Personal Message (Offline)

Ignore
1503120094
Reply with quote  #2

1503120094
Report to moderator
0x6763
Guest

February 25, 2011, 02:49:24 PM
 #2

I suspect Bouncy Castle doesn't, or at least I didn't see any comments about it in the Bouncy Castle source code yet.  I've mostly only looked at the EC code, though.  What does OpenSSL do to try to avoid this type of attack?
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526


View Profile
February 25, 2011, 03:38:15 PM
 #3

All operations are constant time. I don't know if you have to do more than that to be safe from power/rf analysis too.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!