[Cryptech Tech] Fun RSA implementation vulnerability: left-to-right sliding window modexp
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Jul 1 09:02:07 UTC 2017
Rob Austein <sra at hactrn.net> writes:
>https://eprint.iacr.org/2017/627.pdf
Before anyone panics too much, it's just another side-channel attack. In this
case it uses a cache side-channel (which shouldn't be a problem in an HSM,
but then it can use other side-channels), and since it requires multiple
traces should be defeated by standard blinding countermeasures.
Peter.
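
Exponent blinding is one standard blinding countermeasure against attacks that need several traces of the same exponent; the message does not say which variant it has in mind. The following added example (not part of the original message; the toy key and the names `sliding_window_trace` and `blinded_modexp` are constructed for illustration) shows that the square/multiply sequence of a left-to-right sliding-window exponentiation is identical on every call for a fixed exponent, and differs on every call once the exponent is randomized, while the result stays the same:

```python
import secrets

def sliding_window_trace(base, exp, mod, w=4):
    """Left-to-right sliding-window modexp; returns (result, S/M operation trace)."""
    b2 = base * base % mod
    odd = {1: base % mod}                 # odd powers base^1, base^3, ..., base^(2^w - 1)
    for k in range(3, 1 << w, 2):
        odd[k] = odd[k - 2] * b2 % mod
    bits, result, trace, i = bin(exp)[2:], 1, [], 0
    while i < len(bits):
        if bits[i] == "0":                # zero bit: one squaring
            result = result * result % mod
            trace.append("S")
            i += 1
            continue
        j = min(i + w, len(bits))         # longest window (<= w bits) ending in a 1
        while bits[j - 1] == "0":
            j -= 1
        for _ in range(j - i):            # one squaring per bit in the window
            result = result * result % mod
            trace.append("S")
        result = result * odd[int(bits[i:j], 2)] % mod
        trace.append("M")                 # one multiplication per window
        i = j
    return result, "".join(trace)

def blinded_modexp(c, d, p, q, rand_bits=64):
    """Exponent blinding: use d + r*phi(n) with a fresh random r for every call."""
    r = secrets.randbits(rand_bits) | (1 << (rand_bits - 1))   # nonzero, full length
    return sliding_window_trace(c, d + r * (p - 1) * (q - 1), p * q)

# Constructed toy key (two Mersenne primes), far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
D = pow(65537, -1, (P - 1) * (Q - 1))
C = 0x1234567890ABCDEF                    # constructed ciphertext

if __name__ == "__main__":
    _, fixed = sliding_window_trace(C, D, P * Q)
    for _ in range(2):
        m, t = blinded_modexp(C, D, P, Q)
        # same plaintext, but a trace that differs from the unblinded one
        print(m == pow(C, D, P * Q), t[:48], t == fixed)
```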