On 25 January 2015 20:00:07 CET, supraja reddy <supraja0...@gmail.com> wrote: >Sorry. I forgot to make a small change. Updated the patch. >
Not specifically related to this patch, but with this many implementations I think it is high time we warn about the security implications of using them. My original implementation was only for decrypting of (pseudo)DRM video which is not an application I consider to have actual security requirements, but I think the risk now is high people use it for the wrong things. In particular, I think we need to state that our implementations have no protection against sidechannel attacks (and no intention to ever add them IMHO), so everyone using them should assume that in particular everyone having access to the same CPU can figure out the key. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
