[Cryptography] Side channel attack on OpenSSL ECDSA on iOS and Android
Salz, Rich
rsalz at akamai.com
Thu Mar 3 15:14:47 EST 2016
What one of our main crypto experts actually told the paper authors was this:
---------------------------------
Hardware side-channel attacks are not in OpenSSL's threat model. We won't be issuing a CVE for this, but we are always looking into hardening our implementations. In fact, the next OpenSSL release (1.1.0) will already contain new constant-time implementations of P-256, the most important curve for TLS, for ARMv4 as well as ARMv8:
https://github.com/openssl/openssl/tree/master/crypto/ec/asm
As for blinding-based countermeasures, we have so far not been able to incorporate them for non-technical reasons I'm afraid.
---------------------------------
Doesn't make as interesting a story, tho.