oss-sec mailing list archives
Re: BoringSSL private key loading is not constant time
From: Peter Gutmann <pgut001 () cs auckland ac nz>
Date: Tue, 14 Oct 2025 14:33:26 +0000
Alex Gaynor <alex.gaynor () gmail com> writes:
But it seems to me any claim like "there are no timing side-channels" has to have an implicit "relevant to a threat model".
In which case it would probably have been good to explicitly say that, because otherwise it's a "challenge accepted" statement. The talk was fun, and this wasn't presented as a serious attack but as a challenge-accepted one. Peter.
Current thread:
- BoringSSL private key loading is not constant time Billy Brumley (Oct 13)
- Re: BoringSSL private key loading is not constant time Jeffrey Walton (Oct 13)
- Re: BoringSSL private key loading is not constant time Peter Gutmann (Oct 13)
- Re: BoringSSL private key loading is not constant time Alex Gaynor (Oct 14)
- Re: BoringSSL private key loading is not constant time Peter Gutmann (Oct 14)
- Re: BoringSSL private key loading is not constant time Demi Marie Obenour (Oct 14)
- Re: BoringSSL private key loading is not constant time Billy Brumley (Oct 14)
- Re: BoringSSL private key loading is not constant time Billy Brumley (Oct 14)
- Re: BoringSSL private key loading is not constant time David Benjamin (Oct 14)
- Re: BoringSSL private key loading is not constant time Hanno Böck (Oct 14)
- Re: BoringSSL private key loading is not constant time Alex Gaynor (Oct 14)
- Re: BoringSSL private key loading is not constant time Peter Gutmann (Oct 13)
- Re: BoringSSL private key loading is not constant time Billy Brumley (Oct 14)
- Re: BoringSSL private key loading is not constant time Jacob Bachmeyer (Oct 14)
- Re: BoringSSL private key loading is not constant time Jeffrey Walton (Oct 13)