|
|
|
|
|
|
by nenaoki
410 days ago
|
|
|
The Wasm Constant Time proposal was just moved to inactive 4 days ago[0]. From what I can tell the bulk of the work for it was done in 2018[1], but it needs updating to consider SIMD, and for legwork to be done on moving it along as a proper spec extension. Until someone picks up this valuable work and lands this much-needed feature in Wasm, we're extremely vulnerable to timing attacks in all Wasm crypto. [0] https://github.com/WebAssembly/proposals/blob/9fc7a85e/inact... [1] https://github.com/PLSysSec/ct-wasm |
|
|