by profquail
2928 days ago
Could this attack be mitigated or otherwise slowed down by using non-temporal memory loads (x86: movntdqa) when reading the private key from memory? Or using clflush to evict the cached private key data from memory after each time it’s used? The constant-time crypto in BearSSL seems like the best approach — I’m just curious if the above approaches could be used as a quick fix for the affected codebases until they can be fixed properly.