It does little good to fix that (GF(2**m) path) if they're not gonna fix this (GF(p) path) (which, after now 5 years, there is little hope of):
http://www.iacr.org/archive/asiacrypt2009/59120664/59120664.pdf Of course I hope I'm proven wrong. (AFAIK some one-off solutions were picked up for certain curves, but nothing more.) BBB On Thu, Feb 27, 2014 at 10:16 PM, Huzaifa Sidhpurwala < [email protected]> wrote: > Hi All, > > Wondering openssl was contacted when the following paper was released: > > http://eprint.iacr.org/2014/140.pdf > > This seems similar to http://eprint.iacr.org/2013/448.pdf which affected > GPG software, was assigned a CVE id and was fixed up GPG upstream. > > Regards, > > Huzaifa >
