by jandrese 2918 days ago
It's a good start, but the problems with SSH lately have largely been things like timing attacks that even the smartest compiler won't catch.

In fact a smart optimizing compiler can make that even harder to avoid since it is more difficult to know exactly what machine code it will produce.

2 comments

I wonder how efficient a counter-measure would be adding small random delays in every part of code, possibly injected at MIR or LLVM level. It might drown any timing information in random noise.

They will definitely lower the performance, but likely a bit slower and more secure connection process is preferable to a less secure one.

From my current understanding, adding random noise doesn't affect most timing attacks because it is averaged out. I may be wrong, though.

Making everything fixed-time, no matter how fast, would actually have the needed effect; random noise can be statistically removed.

I thought timing attacks only matter for the clear-data-to-encrypted-data-and-back part of the library, and as long as they didn't write any data parsing that is content-specific pre- or post-encryption, and didn't write their own encryption, then there shouldn't be any major holes.
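Added example, not part of the thread: a small simulation of the point made in the replies above, that random delays average out while a fixed-time comparison leaves nothing to average. The cost model (one work unit per byte compared), the 32-byte secret, the jitter size and all function names are constructed assumptions for illustration.

```python
import random
import statistics

SECRET = bytes(range(32))   # constructed 32-byte secret (stand-in for a MAC)
JITTER = 50.0               # injected random delay, 50x the 1-unit signal


def early_exit_cost(secret, guess):
    """Work units for a compare that returns at the first mismatch."""
    for i, (a, b) in enumerate(zip(secret, guess)):
        if a != b:
            return i + 1
    return len(secret)


def fixed_time_cost(secret, guess):
    """Work units for a compare that always processes every byte."""
    diff = 0
    for a, b in zip(secret, guess):
        diff |= a ^ b       # accumulate differences, never branch on them
    return len(secret)      # cost does not depend on diff


def mean_observed(cost_fn, guess, samples, rng):
    """Average of `samples` timings, each with a fresh random delay added."""
    cost = cost_fn(SECRET, guess)
    return statistics.fmean(cost + rng.uniform(0.0, JITTER)
                            for _ in range(samples))


def timing_gap(cost_fn, samples, seed=1):
    """Mean timing difference between an input whose first byte matches the
    secret and one whose first byte does not. Nonzero means the compare leaks."""
    rng = random.Random(seed)
    right = SECRET[:1] + b"\xff" * 31
    wrong = b"\xff" * 32
    return (mean_observed(cost_fn, right, samples, rng)
            - mean_observed(cost_fn, wrong, samples, rng))


if __name__ == "__main__":
    for n in (10, 1_000, 400_000):
        print(f"samples={n:>7}  early-exit gap={timing_gap(early_exit_cost, n):+.3f}"
              f"  fixed-time gap={timing_gap(fixed_time_cost, n):+.3f}")
```

With few samples both gaps are dominated by noise; as the sample count grows, the early-exit gap settles near the true 1-unit difference while the fixed-time gap settles near zero.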