Bitcoin Forum
February 24, 2017, 01:41:28 AM *
News: Latest stable version of Bitcoin Core: 0.13.2  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Mental note: ensure EC crypto is not susceptible to side channel attacks  (Read 1082 times)
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526


View Profile
February 25, 2011, 10:18:36 AM
 #1

For people working on mobile clients:

   http://threatpost.com/en_us/blogs/attack-can-extract-crypto-keys-mobile-device-signals-021611

OpenSSL has apparently been balanced to try and avoid this type of attack. I don't know about crypto++ or Bouncy Castle.
1487900488
Hero Member
*
Offline Offline

Posts: 1487900488

View Profile Personal Message (Offline)

Ignore
1487900488
Reply with quote  #2

1487900488
Report to moderator
1487900488
Hero Member
*
Offline Offline

Posts: 1487900488

View Profile Personal Message (Offline)

Ignore
1487900488
Reply with quote  #2

1487900488
Report to moderator
1487900488
Hero Member
*
Offline Offline

Posts: 1487900488

View Profile Personal Message (Offline)

Ignore
1487900488
Reply with quote  #2

1487900488
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1487900488
Hero Member
*
Offline Offline

Posts: 1487900488

View Profile Personal Message (Offline)

Ignore
1487900488
Reply with quote  #2

1487900488
Report to moderator
0x6763
Guest

February 25, 2011, 02:49:24 PM
 #2

I suspect Bouncy Castle doesn't, or at least I didn't see any comments about it in the Bouncy Castle source code yet.  I've mostly only looked at the EC code, though.  What does OpenSSL do to try to avoid this type of attack?
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526


View Profile
February 25, 2011, 03:38:15 PM
 #3

All operations are constant time. I don't know if you have to do more than that to be safe from power/rf analysis too.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!