Bill Stewart <[EMAIL PROTECTED]> writes: >Schmoo Group response on cryptonomicon.net >http://www.cryptonomicon.net/modules.php?name=News&file=article&sid=263&mode=&order=0&thold=0 >Apparently OpenSSL has code to prevent the timing attack, >but it's often not compiled in (I'm not sure how much that's for >performance reasons as opposed to general ignorance?)
I had blinding code included in my crypto code for about 3 years, when not a single person used it in all that time I removed it again (actually I think it's probably still there, but disconnected). I'm leaning strongly towards "general ignorance" here... Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
