Nick
@mkandalf
It seems to me that pow_mod in power.rs is vulnerable to FLUSH+RELOAD.
```rust
while exp > zero() {
    if exp.is_odd() {
        acc = (acc * &base) % modulus
    }
    if exp > one() {
        base = (&base * &base) % modulus
    }
    exp = exp >> 1;
}
```
Specifically `if exp.is_odd() { acc = (acc * &base) % modulus }`
Should do `temp = (acc * &base) % modulus; if exp.is_odd() { acc = temp }`, I believe
( @hauleth )
Łukasz Jan Niemier
@hauleth
Probably you are right. I would happily accept a PR.
Nick
@mkandalf
Cool
Will do when I get a chance
Łukasz Jan Niemier
@hauleth
Currently the RSA implementation is vulnerable to many side-channel attacks, in most cases timing ones
I.e. it doesn't run any whitening in RSA encryption, so the Chinese Remainder Theorem algorithm is vulnerable to them.
Nick
@mkandalf
Mmm
Łukasz Jan Niemier
@hauleth
I should clearly state in the README that this is still an early stage of development and most of the library is unsafe and vulnerable to many side-channel attacks. I am trying to make it as safe as possible, but I think that even when I finish Octavo it would take at least half a year until there are enough peer reviews to be sure that it is almost safe.
So any help will be really appreciated :smile:
Aviv Palivoda
@palaviv
Hello, I would like to ask what the differences are between Octavo and rust-crypto?
Łukasz Jan Niemier
@hauleth
For now:
  • rust-crypto requires nightly, Octavo doesn't
  • rust-crypto contains assembly code, Octavo currently does not
  • rust-crypto is more complete
  • Octavo is made with modularity in mind; the main idea is to provide as few primitives as needed
Aviv Palivoda
@palaviv
As I mentioned in #86 I implemented the DH for rust-crypto first and then ported the implementation to Octavo. Why not port some of the implementations missing in Octavo from rust-crypto? From looking at the rust-crypto repository, it seems it is not very active.
When you say "as few primitives as needed". Needed for what?
Also just to give a heads up I am currently working on ECDH. I am only starting to work on this but I hope I will have something working soon.
Łukasz Jan Niemier
@hauleth
@palaviv needed for your use case. One of the reasons for creating Octavo was to make it as modular as possible to allow enabling only the needed features. This would eradicate the OpenSSL problem of downgrading to weak crypto.