[Cryptech Tech] Fun RSA implementation vulnerability: left-to-right sliding window modexp

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Jul 1 09:02:07 UTC 2017

Rob Austein <sra at hactrn.net> writes:


Before anyone panics too much, it's just another side-channel attack.  In this
case it uses a cache side-channel (which shouldn't be a problem in an HSM,
but then it can use other side-channels), and since it requires multiple
traces, it should be defeated by standard blinding countermeasures.
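
How one blinding countermeasure changes what each trace shows, as an added example that is not part of the original post. It assumes "blinding" here includes exponent blinding; the toy key, window size and function names are constructed for illustration.

```python
import secrets

# Constructed toy key from two Mersenne primes (illustration only, far too small for real use).
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)

def sliding_window_trace(base, exp, mod, w=4):
    """Left-to-right sliding-window modexp.

    Returns (result, trace); trace is the square/multiply sequence ('S'/'M')
    that a cache side channel observes.
    """
    b2 = base * base % mod
    odd = {1: base % mod}                    # odd powers base^1, base^3, ...
    for k in range(3, 1 << w, 2):
        odd[k] = odd[k - 2] * b2 % mod
    bits, acc, trace, i = bin(exp)[2:], 1, [], 0
    while i < len(bits):
        if bits[i] == "0":                   # zero bit: square only
            acc = acc * acc % mod
            trace.append("S")
            i += 1
            continue
        j = min(i + w, len(bits))            # widest window that ends in a 1 bit
        while bits[j - 1] == "0":
            j -= 1
        for _ in range(j - i):
            acc = acc * acc % mod
            trace.append("S")
        acc = acc * odd[int(bits[i:j], 2)] % mod
        trace.append("M")
        i = j
    return acc, "".join(trace)

def private_op_unblinded(c):
    # Same exponent every call, so every trace repeats the same S/M pattern.
    return sliding_window_trace(c, D, N)

def private_op_exp_blinded(c, r=None, blind_bits=64):
    # Exponent blinding: c^(D + r*PHI) == c^D (mod N), but each call walks a
    # different bit string, so traces from separate calls no longer line up.
    if r is None:
        r = secrets.randbits(blind_bits) | 1
    return sliding_window_trace(c, D + r * PHI, N)
```

Calling `private_op_unblinded` twice on the same input returns identical traces, while two calls to `private_op_exp_blinded` return the same plaintext with different traces.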


