On Sun, Apr 27, 2014 at 1:48 AM, Daniel Micay <danielmi...@gmail.com> wrote:
> On 26/04/14 05:42 PM, Gregory Maxwell wrote:
>>
>> One of the things that is less hopeless and may inform the language
>> spec (and library) is writing code that can keep all data structures
>> that keep secret keys in mlocked and zeroed-after-use memory that
>> comes along with doing crypto but which aren't the crypto themselves.
>
> You should really just be doing it in another process at that point.
>

Unfortunately, that's not a common solution, look at most webservers right now...

So, because fixing timing leaks is very hard in reduced cases and impossible to do in the general case, it means that we should not even try?

Do I have to worry about power analysis on a server? Can I write assembly myself to make sure the compiler will not optimize stuff away?

The current solutions are not pretty and do not solve everything, but they reduce the risk.

_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev