MFC: Avoid a timing side-channel leak when generating DSA and ECDSA - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2018-06-13 15:07:19 +0000
committer	jsing <>	2018-06-13 15:07:19 +0000
commit	b7f92fb83a3deedd2af121feaaaa3e70fae56eca (patch)
tree	ece62a633ca8cf87cfaec3ac556b1af956a6c209 /src/lib/libcrypto/pqueue
parent	96360bfe7df4f4f8753df49489ae7484cb44b16f (diff)
download	openbsd-b7f92fb83a3deedd2af121feaaaa3e70fae56eca.tar.gz openbsd-b7f92fb83a3deedd2af121feaaaa3e70fae56eca.tar.bz2 openbsd-b7f92fb83a3deedd2af121feaaaa3e70fae56eca.zip

MFC: Avoid a timing side-channel leak when generating DSA and ECDSA

signatures. This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group. ok beck@ tb@

Diffstat (limited to 'src/lib/libcrypto/pqueue')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: