On Fri, Jul 2, 2021 at 11:59 PM Maamoun TK <[email protected]>
wrote:

> I've added a new comment that wipes the hash subkey from the stack once the
> GHASH operation has completed, as it's good practice to do so
>

*commit

I'm thinking it's also worth it to wipe the authentication tag and the
leftover bytes of input data from the stack. Leaving the output
authentication tag in the stack is never a good idea, and in case of
processing AAD the input data is left in the clear, so leaving leftover
bytes in the stack may reveal potential secret data. I've pushed another
commit to wipe the whole parameter block content (authentication tag and
hash subkey) and the leftover bytes of input data.

regards,
Mamone


> On Thu, Jul 1, 2021 at 4:43 PM Maamoun TK <[email protected]>
> wrote:
>
>> I've replied to your comments in the MR.
>>
>> Thank you,
>> Mamone
>>
>> On Wed, Jun 30, 2021 at 10:10 PM Niels Möller <[email protected]>
>> wrote:
>>
>>> Maamoun TK <[email protected]> writes:
>>>
>>> > I made a merge request !26
>>> > <https://git.lysator.liu.se/nettle/nettle/-/merge_requests/26> that
>>> > optimizes the GHASH algorithm for S390x architecture.
>>>
>>> Nice! I've added a few comments in the mr.
>>>
>>> Regards,
>>> /Niels
>>>
>>> --
>>> Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
>>> Internet email is subject to wholesale government surveillance.
>>>
>>
_______________________________________________
nettle-bugs mailing list
[email protected]
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
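
The wiping described in the message above, as an added C example that is not from the thread or from Nettle's s390x code: a portable GHASH update whose working copy (tag, hash subkey, zero-padded input) is cleared before it returns. The struct layout, the function names and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Working copy: tag + hash subkey (the "parameter block") and padded input. */
struct ghash_scratch { uint8_t tag[16], h[16], leftover[16]; };

/* Volatile stores keep the compiler from deleting the wipe as a dead store. */
static void wipe(void *p, size_t n) {
  for (volatile uint8_t *v = p; n--; v++) *v = 0;
}

/* x = x * h in GF(2^128), GCM bit order; branch-free portable reference. */
static void gf_mul(uint8_t x[16], const uint8_t h[16]) {
  uint8_t z[16] = {0}, v[16];
  memcpy(v, h, 16);
  for (int i = 0; i < 128; i++) {
    uint8_t take = (uint8_t)-((x[i / 8] >> (7 - i % 8)) & 1);
    uint8_t red = (uint8_t)-(v[15] & 1) & 0xe1;
    for (int j = 0; j < 16; j++) z[j] ^= v[j] & take;
    for (int j = 15; j > 0; j--) v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
    v[0] = (uint8_t)((v[0] >> 1) ^ red);
  }
  memcpy(x, z, 16);
  wipe(z, sizeof z); wipe(v, sizeof v);   /* both hold secret-derived values */
}

/* Absorb len bytes (hypothetical interface); scratch is zero on return. */
void ghash_update_with(struct ghash_scratch *s, const uint8_t key[16],
                       uint8_t state[16], const uint8_t *data, size_t len) {
  memcpy(s->tag, state, 16);
  memcpy(s->h, key, 16);
  for (size_t n; len > 0; data += n, len -= n) {
    n = len < 16 ? len : 16;
    memset(s->leftover, 0, 16);          /* zero padding for a short tail */
    memcpy(s->leftover, data, n);
    for (int j = 0; j < 16; j++) s->tag[j] ^= s->leftover[j];
    gf_mul(s->tag, s->h);
  }
  memcpy(state, s->tag, 16);
  wipe(s, sizeof *s);                    /* tag, hash subkey, input bytes */
}

int main(void) {
  struct ghash_scratch s;                /* lives on this stack frame */
  uint8_t key[16] = {0x42}, state[16] = {0};   /* constructed sample values */
  ghash_update_with(&s, key, state, (const uint8_t *)"constructed AAD bytes", 21);
  for (int j = 0; j < 16; j++) printf("%02x", state[j]);
  puts(""); return 0;
}
```

Where the platform provides `explicit_bzero` or C11 `memset_s`, either can replace the hand-written `wipe`.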
