[19508] in cryptography@c2.net mail archive
Re: OpenSSL BIGNUM vs. GMP
daemon@ATHENA.MIT.EDU (Adam Back)
Tue Jan 3 17:57:09 2006
X-Original-To: cryptography@metzdowd.com
Date: Tue, 3 Jan 2006 17:51:08 -0500
From: Adam Back <adam@cypherspace.org>
To: Ben Laurie <ben@algroup.co.uk>
Cc: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <43BAF66A.10206@algroup.co.uk>

On Tue, Jan 03, 2006 at 10:10:50PM +0000, Ben Laurie wrote:
> Jack Lloyd wrote:
> > Some relevant and recent data: in some tests I ran this weekend
> > [gmp faster than openssl]
> > AFAIK blinding alone can protect against all (publicly known)
> > timing attacks; am I wrong about this?
>
> Yes, you are - there's the cache attack, which requires the attacker to
> have an account on the same machine. I guess I shouldn't have called it
> constant time, since it's really constant memory access that defends
> against this.

Does OpenSSL defend against cache-related attacks?

Adam
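
The distinction drawn in the quoted text between constant time and constant memory access, as an added C example that is not part of the original message and is not OpenSSL or GMP code: a secret-indexed table load next to a lookup that reads every entry in a fixed order. The table dimensions and all function names are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TABLE_ENTRIES 16 /* assumed: 4-bit exponent window */
#define ENTRY_WORDS   8  /* assumed: 8 x 64-bit limbs per precomputed entry */

/* All-ones when a == b, zero otherwise, computed without a branch. */
static uint64_t ct_eq_mask(uint32_t a, uint32_t b)
{
    uint64_t diff = (uint64_t)(a ^ b);       /* 0 only when a == b */
    return (uint64_t)0 - ((diff - 1) >> 63); /* diff - 1 wraps only for 0 */
}

/* Secret-indexed load: the cache lines touched depend on idx, which is
 * what a co-resident process can observe. Blinding does not change this. */
void lookup_leaky(uint64_t *out, const uint64_t *table, uint32_t idx)
{
    memcpy(out, table + (size_t)idx * ENTRY_WORDS, ENTRY_WORDS * sizeof *out);
}

/* Constant memory access: every entry is read, in the same order, for
 * every idx; the wanted entry is kept by masking, not by addressing. */
void lookup_const_access(uint64_t *out, const uint64_t *table, uint32_t idx)
{
    memset(out, 0, ENTRY_WORDS * sizeof *out);
    for (uint32_t i = 0; i < TABLE_ENTRIES; i++) {
        uint64_t mask = ct_eq_mask(i, idx);
        for (size_t w = 0; w < ENTRY_WORDS; w++)
            out[w] |= table[(size_t)i * ENTRY_WORDS + w] & mask;
    }
}

/* Self-check on a constructed table: both lookups must return the same
 * entry for every index. Returns 1 on agreement, 0 otherwise. */
int lookups_agree(void)
{
    uint64_t table[TABLE_ENTRIES * ENTRY_WORDS], a[ENTRY_WORDS], b[ENTRY_WORDS];
    for (size_t i = 0; i < TABLE_ENTRIES * ENTRY_WORDS; i++)
        table[i] = 0x9E3779B97F4A7C15ULL * (i + 1); /* constructed values */
    for (uint32_t idx = 0; idx < TABLE_ENTRIES; idx++) {
        lookup_leaky(a, table, idx);
        lookup_const_access(b, table, idx);
        if (memcmp(a, b, sizeof a) != 0)
            return 0;
    }
    return 1;
}
```

The source-level access pattern only holds if the compiler preserves it, so the generated assembly for the masked loop is worth inspecting on the target build.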