On 11/04/2011 04:27 AM, Piotr Szturmaj wrote:
bcs wrote:
Are you re-implementing the function kernels yourself or are you using
an existing implementation? Given what I've heard about things like
side-channel attacks using processing times to recover keys, I'd rather
not see Phobos use anything written by less than the best expert
available.
Until now, I implemented some hash functions. There are no branching
instructions in their transform() routines, so theoretically processing
time is independent of the function input.
From my very incomplete memory I found the source I was looking for (I
googled for "aes interperative dance") here
http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html
Look for "Foot-Shooting Prevention Agreement" in one of the images
~20-25% of the way down.
tl;dr: It mentions "cache-based, timing, and other side channel
attacks". Unless you can explain to me what those are, in painful
detail, I don't think we should trust you to avoid them. Get a good
vetted C implementation and wrap it with a nice D API and call it a day.
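An added illustration of the two points raised in the thread (this is example code written for this page, not code from the Phobos discussion or from any of its participants): absence of conditional branches in a transform() routine does not by itself make it constant-time, because a plain table lookup indexed by secret data performs a secret-dependent memory access, which is what a cache-based attack observes; and the comparison that consumes a digest leaks through an early exit even when the hash itself is fine. Each leaky form is shown beside a constant-time replacement. The 16-entry S-box table is a constructed toy, not any real cipher's, and the function names are the example's own.

```c
/* Added example, not from the thread: side channels that survive
 * "no branching instructions", each beside a constant-time fix.
 * The sbox table is constructed for illustration only. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* 1. Digest verification. memcmp() returns at the first differing
 *    byte, so its running time reveals how many leading bytes of the
 *    attacker's guess are right; a MAC can be forged byte by byte. */
int leaky_digest_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    return memcmp(a, b, n) == 0;     /* early exit -> timing leak */
}

/* Constant-time version: touch every byte, OR-accumulate the XOR
 * differences, then collapse the byte to 0/1 without branching on it.
 * (uint32_t)diff - 1 underflows to 0xFFFFFFFF only when diff == 0. */
int ct_digest_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= a[i] ^ b[i];
    return (int)(((uint32_t)diff - 1u) >> 31);
}

/* 2. Table lookup. sbox[x] compiles to a single load with no branch,
 *    but the address depends on the secret x, so the cache line that
 *    is fetched (and the load latency) leaks x. This is the
 *    "cache-based" attack the thread mentions. */
static const uint8_t sbox[16] = {   /* constructed toy table */
    0x6, 0x4, 0xc, 0x5, 0x0, 0x7, 0x2, 0xe,
    0x1, 0xf, 0x3, 0xd, 0x8, 0xa, 0x9, 0xb
};

uint8_t leaky_sbox(uint8_t x)
{
    return sbox[x & 0xf];            /* secret-dependent address */
}

/* Constant-time version: read all 16 entries in a fixed order and keep
 * the wanted one with an all-ones/all-zeros mask derived arithmetically
 * from (x == i), so the memory access pattern is independent of x. */
uint8_t ct_sbox(uint8_t x)
{
    uint8_t out = 0;
    uint32_t want = x & 0xf;
    for (uint32_t i = 0; i < 16; i++) {
        uint32_t eq   = want ^ i;                          /* 0 only on match */
        uint8_t  mask = (uint8_t)(0u - ((eq - 1u) >> 31)); /* 0xff on match */
        out |= sbox[i] & mask;
    }
    return out;
}

int main(void)
{
    const uint8_t h1[4] = {0xde, 0xad, 0xbe, 0xef};
    const uint8_t h2[4] = {0xde, 0xad, 0xbe, 0xee};
    printf("equal: %d, differs: %d\n",
           ct_digest_equal(h1, h1, 4), ct_digest_equal(h1, h2, 4));
    for (unsigned x = 0; x < 16; x++)
        printf("%x ", ct_sbox((uint8_t)x));   /* matches sbox[] in order */
    printf("\n");
    return 0;
}
```

The arithmetic masks are the standard idiom, but C gives no guarantee that an optimizing compiler keeps them branch-free, so a real implementation checks the generated assembly (or uses the platform's constant-time primitives) rather than trusting the source, which is the thread's argument for wrapping a vetted implementation instead of writing a new one.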