Page MenuHome GnuPG
Create Task
Maniphest T4869

constant-time mpi_invm
Closed, ResolvedPublic
Actions

Description

For mpi_invm implementation, computation time should be fixed time.

Revisions and Commits

rC libgcrypt
rC90b7339b0654 mpi: Constant time mpi_inv with some conditions.
rC3a16c19d4d63 DSA,ECDSA: Fix use of mpi_invm.
rCada758e3019c DSA,ECDSA: Fix use of mpi_invm.
rC20082ca965ea mpi: Constant time mpi_inv with some conditions.

Related Objects
Search...

StatusAssignedTask
 Resolved gniibeT4869 constant-time mpi_invm
 Resolved wernerT4294 Release Libgcrypt 1.9.0

Event Timeline

gniibe created this task.Mar 9 2020, 8:56 AM
gniibe claimed this task.Mar 12 2020, 6:50 AM
gniibe added a comment.EditedMar 17 2020, 6:32 AM

Related the changes, before we did the changes, we received two independent reports.

For one, the reference is: https://arxiv.org/pdf/2002.08437.pdf

gniibe added a commit: rC20082ca965ea: mpi: Constant time mpi_inv with some conditions..Mar 18 2020, 7:28 AM
gniibe added a commit: rCada758e3019c: DSA,ECDSA: Fix use of mpi_invm..
gniibe changed the task status from Open to Testing.Mar 19 2020, 5:10 AM
gniibe added a project: Restricted Project.
gniibe added a subtask: T4294: Release Libgcrypt 1.9.0.Mar 19 2020, 5:22 AM
gniibe added a comment.Apr 28 2020, 5:57 AM

I tested with this patch (which changes use of constant-time routine when it's secure memory):

lg-bench-invm.diff4 KBDownload

build-amd64/libgcrypt/tests$ ./benchmark mpi-invm
invm-generic  1210ms  1060ms   870ms  2010ms  2010ms   950ms
invm-ct        370ms   360ms   370ms  1030ms  1030ms  1080ms

My opinion is that it's OK not to introduce the check if it's on secure memory or not.

werner closed this task as Resolved.Jul 6 2020, 4:09 PM
werner mentioned this in T4985: Release Libgcrypt 1.8.6.
werner removed a project: Restricted Project.
werner mentioned this in T4294: Release Libgcrypt 1.9.0.Jan 19 2021, 10:17 AM
werner closed subtask T4294: Release Libgcrypt 1.9.0 as Resolved.Jan 19 2021, 1:54 PM
gniibe added a commit: rC3a16c19d4d63: DSA,ECDSA: Fix use of mpi_invm..Jun 3 2021, 7:08 PM
gniibe added a commit: rC90b7339b0654: mpi: Constant time mpi_inv with some conditions..