ecc: Store EdDSA session key in secure memory.

Authored by Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> on Jan 19 2017, 5:00 PM.

Description

ecc: Store EdDSA session key in secure memory.

* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate
session key.

An attacker who learns the EdDSA session key from side-channel
observation during the signing process, can easily revover the long-
term secret key. Storing the session key in secure memory ensures that
constant time point operations are used in the MPI library.

  • Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>

Details

Committed
wernerJun 1 2017, 3:52 PM
Parents
rC45c39340c992: api: Deprecate gcry_md_info
Branches
Unknown
Tags
Unknown
werner committed rC5a22de904a0a: ecc: Store EdDSA session key in secure memory. (authored by Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>).Jun 1 2017, 3:52 PM