Date: Thu, 30 Aug 2012 19:51:13 +0100 From: David Laight <da...@l8s.co.uk>
FWIW which versions of memset() aren't 'constant time' ? Apart from ones that try not to dirty pages. The issue with memset isn't timing attacks, but rather that the C compiler is likely to optimize away the apparently useless memset from code that looks like this, and thereby leave keys floating about in RAM: { char key[32]; fetch_key(key); do_sekrit_stuff_with_key(key); memset(key, 0, sizeof key); } Hence explicit_{bzero,memset}, not consttime_{bzero,memset}, which are supposed to be guaranteed not to be optimized away.