Full Disclosure mailing list archives

Re: Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack

From: Jann Horn <jann () thejh net>
Date: Sat, 27 Jul 2013 01:34:05 +0200

On Fri, Jul 26, 2013 at 03:47:41PM -0400, Jeffrey Walton wrote:

Dr. Bernstein puts a lot of effort into defending against timing
attacks and other side channels in his NaCl library. I'm not aware of
any other libraries which go to the same depths. On the downside, NaCl
is not easy to work with (for example, change compilers or
cross-compile for iOS or Android); its not really portable (lots of C
language violations); nor is it easy to get analysis tools on it.


Also, there's no support for AES or RSA as far as I can see. Does anyone know a
library for RSA and/or AES with similar security against side-channel attacks?

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack Hurgel Bumpf (Jul 25)
- Re: Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack Valdis . Kletnieks (Jul 26)
  - Re: Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack Jeffrey Walton (Jul 26)
    - Re: Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack Jann Horn (Jul 26)