[Cryptography] Compiler optimization side channel
Pierre Abbat
phma at bezitopo.org
Wed Aug 28 03:30:12 EDT 2024
On Wednesday, August 28, 2024 12:35:48 AM EDT Peter Gutmann wrote:
> In C that's been handled for awhile, under Windows with SecureZeroMemory(),
> under OpenBSD with explicit_bzero(), and under ANSI C with the misleadingly
> described memset_s(), "the memory indicated by [the memset parameters] may
> be accessible in the future and therefore must contain the values indicated
> by [the value to set]", because just saying "the memset_s() call won't be
> optimised away" would be far too obvious and would let you know what's
> going on.
In Linux (the old version I'm using) memset_s does not exist (or at least
doesn't have a man page) but explicit_bzero does. In DragonFly BSD, both
exist.
Pierre
--
La sal en el mar es más que en la sangre.
Le sel dans la mer est plus que dans le sang.
More information about the cryptography
mailing list