Some resources for people interested in these security issues:

* http://cr.yp.to/talks.html#2007.05.28 (how to avoid leakage from branches and caches; see the "Exercise: Forge IPsec packets" slide for some discussion of digest comparison)

* http://cr.yp.to/mac/constanttime_isequal.c (2005 code for constant-time comparison; probably there are earlier references)

* http://nacl.cr.yp.to (a high-security high-speed cryptographic library with no secret branches and no secret memory addresses)

* http://cr.yp.to/papers.html#coolnacl (new paper discussing various cryptographic disasters addressed by this library)

---D. J. Bernstein
   Research Professor, Computer Science, University of Illinois at Chicago

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
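The point of the resources above is digest (MAC tag) comparison: an early-exit byte comparison takes longer the more leading bytes match, so its timing leaks information about the expected tag. The following is an added example written for this page; it is not Bernstein's constanttime_isequal.c and not NaCl code. It places a branch-free comparison next to the early-exit form the post warns about, and uses an optional step counter (an illustration device, not part of any library API) to make the data-dependent work visible. The 32-byte tags are constructed sample values, not real MAC output.

```c
#include <stddef.h>
#include <stdio.h>

/* Added example, not Bernstein's or NaCl's code.
 * Compares two n-byte tags with no secret-dependent branch and no
 * secret-dependent memory address: every byte is visited no matter where
 * the inputs differ, and the 0/1 result is derived arithmetically. */
int ct_isequal(const unsigned char *a, const unsigned char *b, size_t n)
{
    unsigned char diff = 0;
    size_t i;
    for (i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);   /* OR together every differing bit */
    /* (diff - 1) wraps to UINT_MAX only when diff == 0, so the high bits are
     * set exactly when the tags match; shift and mask to get 1 (equal) or 0. */
    return (int)(1 & (((unsigned)diff - 1u) >> 8));
}

/* The early-exit comparison the thread warns about. It stops at the first
 * mismatch, so its running time reveals how many leading bytes matched.
 * 'steps' (illustration only) reports how many bytes were examined. */
int leaky_isequal(const unsigned char *a, const unsigned char *b, size_t n, size_t *steps)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (a[i] != b[i])
            break;                 /* data-dependent exit */
    if (steps)
        *steps = i;
    return i == n;
}

/* Constructed sample tag: a deterministic byte pattern, not a real MAC. */
static void make_tag(unsigned char *t, size_t n, unsigned char seed)
{
    size_t i;
    for (i = 0; i < n; i++)
        t[i] = (unsigned char)(seed + 7 * i);
}

/* Returns 1 when both comparisons give the same verdict on equal tags and
 * on tags that differ in a single bit of the last byte. */
int check_agreement(void)
{
    unsigned char a[32], b[32];
    size_t steps;
    make_tag(a, sizeof a, 0x11);
    make_tag(b, sizeof b, 0x11);
    if (ct_isequal(a, b, 32) != 1 || leaky_isequal(a, b, 32, &steps) != 1)
        return 0;
    b[31] ^= 0x01;                 /* flip one bit in the final byte */
    if (ct_isequal(a, b, 32) != 0 || leaky_isequal(a, b, 32, &steps) != 0)
        return 0;
    return 1;
}

/* Number of bytes the early-exit comparison examines when the only
 * differing byte sits at index 'pos' (0..31). */
size_t leaky_work(size_t pos)
{
    unsigned char a[32], b[32];
    size_t steps = 0;
    make_tag(a, sizeof a, 0x11);
    make_tag(b, sizeof b, 0x11);
    b[pos] ^= 0x80;
    leaky_isequal(a, b, 32, &steps);
    return steps;
}

int main(void)
{
    size_t pos;
    printf("constant-time and early-exit verdicts agree: %s\n",
           check_agreement() ? "yes" : "no");
    for (pos = 0; pos < 32; pos += 31)
        printf("early-exit compare examined %zu byte(s) when byte %zu differs\n",
               leaky_work(pos), pos);
    return 0;
}
```

The step counter shows the asymmetry directly: the early-exit form does 0 units of work when the first byte differs and 31 when only the last byte differs, while ct_isequal always touches all 32 bytes. In production code, prefer the comparison routine shipped with the cryptographic library being used (NaCl exposes this as crypto_verify_32 for 32-byte tags) rather than a hand-rolled loop, since a compiler may still rewrite a loop it can prove has an early result.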
