Pieter Wuille [ARCHIVE] on Nostr
📅 Original date posted: 2014-03-05
📝 Original message:
On Wed, Mar 5, 2014 at 1:49 PM, Mike Hearn <mike at plan99.net> wrote:
> I am not currently aware of any efforts to make OpenSSL's secp256k1
> implementation completely side channel free in all aspects. Also,
> unfortunately many people have reimplemented ECDSA themselves and even if
> OpenSSL gets fixed, the custom implementations probably won't.
As far as I know, judging from the implementation, there is hardly any
effort to try to prevent timing attacks.
--
Pieter