[Cryptography] Side channel attack on OpenSSL ECDSA on iOS and Android

Perry E. Metzger perry at piermont.com
Thu Mar 3 19:49:07 EST 2016


On Fri, 4 Mar 2016 00:00:30 +0000 Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> John Gilmore <gnu at toad.com> writes:
> 
> >Except OpenSSL, which says:
> >
> >  "hardware side-channel attacks are not in OpenSSL's threat
> > model", so no updates are planned to OpenSSL to mitigate our
> > attacks.  
> 
> I would agree with them there.  If your threat model is an attacker
> who's going to walk up to your hardware and attach sensors to it or
> stick an antenna next to it then you need to deal with it via
> hardware measures (shielding, decoupling, etc), not try and patch
> around it with software.

That said, the actual original quote from the OpenSSL people that the
paper authors corresponded with before the selective edits (see
another posting in this thread) indicates that the OpenSSL people are
sensitive to the issue and are trying to mitigate it in software when
feasible.

For example, as was mentioned in that posting in this thread, the
OpenSSL people are indeed releasing code for several platforms that
should be more resistant to side channel attacks.

Perry
-- 
Perry E. Metzger		perry at piermont.com

