side-channelTag
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Details

Description

Related to possible side channel attacks.

Recent Activity

Sep 1 2019

olf added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

... https://lists.gnupg.org/pipermail/gcrypt-devel/2019-July/004760.html

Sep 1 2019, 11:33 PM · side-channel, libgcrypt, Bug Report

Jul 10 2019

werner added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

Check out the mailing list gcrypt-devel@

Jul 10 2019, 7:23 PM · side-channel, libgcrypt, Bug Report
ware added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

Folks, I was just wondering if I could get an update on where we are with this bug. It seems we aren't sure if it's a real issue or not. What's the latest thought?

Jul 10 2019, 7:17 PM · side-channel, libgcrypt, Bug Report

Jun 23 2019

slandden added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

Werner, I interpreted jwilik's patch as admission of a problem from upstream, and reported it as such to CVE. I felt that since this does not effect the main platforms (ARM and x86_64) it would not be a big deal. If I interpreted wrong, I am sorry.

Jun 23 2019, 7:52 PM · side-channel, libgcrypt, Bug Report
slandden added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

I assigned the CVE, but yes it needs more facts.

Jun 23 2019, 5:48 PM · side-channel, libgcrypt, Bug Report
werner added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

Andreas, I wonder on which grounds you assigned a CVE for this claimed side-channel attack. The mentioned paper is about an old RSA side-channel and not on AES. I would like to see more facts than the reference to a guy who knows PPC pretty well.

Jun 23 2019, 5:45 PM · side-channel, libgcrypt, Bug Report

Jun 22 2019

ametzler1 added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

This bug has been assigned CVE-2019-12904. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12904

Jun 22 2019, 6:36 AM · side-channel, libgcrypt, Bug Report

Jun 6 2019

slandden updated the task description for T4541: C implementation of AES is vulnerable to side-channel attacks.
Jun 6 2019, 6:40 PM · side-channel, libgcrypt, Bug Report
jukivili added a commit to T4541: C implementation of AES is vulnerable to side-channel attacks: rCa4c561aab101: GCM: move look-up table to .data section and unshare between processes.
Jun 6 2019, 6:28 PM · side-channel, libgcrypt, Bug Report
jukivili added a commit to T4541: C implementation of AES is vulnerable to side-channel attacks: rCdaedbbb5541c: AES: move look-up tables to .data section and unshare between processes.
Jun 6 2019, 6:28 PM · side-channel, libgcrypt, Bug Report

May 30 2019

slandden updated the task description for T4541: C implementation of AES is vulnerable to side-channel attacks.
May 30 2019, 3:46 PM · side-channel, libgcrypt, Bug Report

May 29 2019

werner added a project to T4541: C implementation of AES is vulnerable to side-channel attacks: side-channel.
May 29 2019, 8:29 AM · side-channel, libgcrypt, Bug Report
werner set the color for side-channel to Grey.
May 29 2019, 8:29 AM