|
|
|
|
|
|
by CiPHPerCoder
3561 days ago
|
|
|
The other post that was linked in the snippet that mentions base64 is far more likely to make people nervous: https://paragonie.com/blog/2016/06/constant-time-encoding-bo... It's about an implementation of RFC 4648 encoding (including base64, base32, etc.) that doesn't index based on secret data. Consequently, if a practical cache-timing exploit is ever demonstrated in existing implementations of encoding functions, the open source library we wrote will be immune. |
|
|