by loup-vaillant
3235 days ago
> I see no mention of how monocypher implementation does anything to prevent side channel timing attacks,

Oh come on, the chosen primitives are all designed for easy immunity against timing attacks. I haven't verified this formally, but I basically ripped off safe designs, and I tried to be careful about avoiding secret-dependent branches and indices.

> I haven't looked to see if there is any sensitive memory scrubbing.

There's a whole test suite for that. Look at the makefile, then select whatever sanitiser it lists (comment/uncomment the relevant CC line at the beginning). Then run `./test.sh`. You can also run the relevant executables under Valgrind. Finally, there's a way to run it under the TIS-Interpreter, though that is veeery slow.

> by someone who doesn't know C very well

Could you tell me how you inferred that? That could help me improve.
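An added illustration of the two points the reply makes, avoiding secret-dependent branches and indices, and scrubbing sensitive memory. This is example code written for this page, not Monocypher's own; the function names are made up for the illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>

/* Early-exit comparison: stops at the first differing byte, so run time
 * depends on the secret. Shown only as the pattern to avoid. */
static int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) return 0;   /* branch on secret data */
    }
    return 1;
}

/* Constant-time comparison: touches every byte, ORs the differences
 * together, then turns "diff == 0" into 0/1 with arithmetic, not a branch.
 * Returns 1 if equal, 0 otherwise. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint32_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (uint32_t)(a[i] ^ b[i]);
    }
    /* diff is 0..255; (diff - 1) >> 8 is nonzero only when diff was 0 */
    return (int)(((diff - 1u) >> 8) & 1u);
}

/* Constant-time table read: instead of table[idx] (a secret-dependent
 * memory index), read every entry and mask in the one wanted. */
static uint32_t ct_lookup(const uint32_t *table, size_t n, size_t idx)
{
    uint32_t out = 0;
    for (size_t i = 0; i < n; i++) {
        size_t x = i ^ idx;                         /* 0 only when i == idx */
        /* top bit of (x | -x) is set iff x != 0, so nz is 0 or 1 */
        size_t nz = (x | ((size_t)0 - x)) >> (sizeof(size_t) * CHAR_BIT - 1);
        uint32_t mask = (uint32_t)nz - 1u;          /* all-ones iff i == idx */
        out |= table[i] & mask;
    }
    return out;
}

/* Scrub a secret buffer; the volatile pointer keeps the compiler from
 * dropping the stores as dead (the usual way a plain memset gets removed). */
static void ct_wipe(void *p, size_t n)
{
    volatile uint8_t *v = (volatile uint8_t *)p;
    for (size_t i = 0; i < n; i++) v[i] = 0;
}
```

Whether a given compiler keeps `ct_equal` and `ct_lookup` branch-free is not guaranteed by the C standard, which is why the reply points at the test suite, sanitisers and Valgrind rather than at the source alone.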