[Rafuino]

Is taking 2 years to address a vulnerability normal?

[tptacek]

Maybe in this case! You can look at P1v15 RSA and assume that there might be some kind of behavior oracle, which is definitely not the same thing as demonstrating that there is a viable oracle. A problem with P1v15 in general is that you have to mitigate these kinds of covert channels directly.

But I assume the comment above was suggesting there was something more interesting than the magnitude of the lag.

[some_furry]

> But I assume the comment above was suggesting there was something more interesting than the magnitude of the lag.

Nothing insidious, just thought maybe it could have been a typo. But if not, then it's just an amusing coincidence.

Taking 2 years to demonstrate the impact of a difficult or strange cryptographic bug isn't really that interesting in and of itself.

[tptacek]

Right, especially in this case where you can almost just go from TLS library to TLS library saying "hm, this implements P1v15, probably has a timing channel" to get credit for the eventual finding. :)

[some_furry]

Right. In a lot of cases "this implements RSA" and "this wasn't written by Thomas Pornin" is enough to suspect a timing channel. Writing a proof of concept for one is at least an order of magnitude more challenging; at least in my experience. (I am way better at mitigation than exploit development.)

[tptacek]

Everybody is!

[some_furry]

Good to know! (I thought maybe this was just my own biases or weaknesses showing. I've been trying to work on it this year when I have time.)

[midasuni]

“I think there may be a bug but I can’t reproduce it” is quite common

I just managed to repot use a bug in a vision system that I saw in august. Finally managed to reproduce it mostly last week.

[dottedmag]

It took 2 years to find out that a potential vulnerability actually exists. There's a lot of potential vulnerabilities that may or may not actually be exploitable.