Filippo Valsorda :go: on Nostr: Well damn, the era of compiler-introduced timing side-channels is here. In the Kyber ...
Well damn, the era of compiler-introduced timing side-channels is here.
In the Kyber reference implementation, Clang notices a bitmask is just selecting between zero and a constant and turns it into an if.
Very happy the Go compiler is not that smart right now.
https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/531ad6ca-5e94-4aa9-8242-4040b4f549f3n%40list.nist.gov
In the Kyber reference implementation, Clang notices a bitmask is just selecting between zero and a constant and turns it into an if.
Very happy the Go compiler is not that smart right now.
https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/531ad6ca-5e94-4aa9-8242-4040b4f549f3n%40list.nist.gov