This series makes the "aes-fixed-time" and "aes-arm" implementations of
AES more resistant to cache-timing attacks.

Note that even after these changes, the implementations still aren't
necessarily guaranteed to be constant-time; see
https://cr.yp.to/antiforgery/cachetiming-20050414.pdf for a discussion
of the many difficulties involved in writing truly constant-time AES
software.  But it's valuable to make such attacks more difficult.

Eric Biggers (2):
  crypto: aes_ti - disable interrupts while accessing S-box
  crypto: arm/aes - add some hardening against cache-timing attacks

 arch/arm/crypto/aes-cipher-core.S | 26 ++++++++++++++++++++++++++
 arch/arm/crypto/aes-cipher-glue.c | 13 +++++++++++++
 crypto/aes_generic.c              |  9 +++++----
 crypto/aes_ti.c                   | 18 ++++++++++++++++++
 4 files changed, 62 insertions(+), 4 deletions(-)

-- 
2.19.1
