Home GnuPG
Diffusion libgcrypt e8b7f10be275

cipher: Hardening ElGamal by introducing exponent blinding too.
e8b7f10be275
Actions

Description

cipher: Hardening ElGamal by introducing exponent blinding too.

* cipher/elgamal.c (do_encrypt): Also do exponent blinding.

Base blinding had been introduced with USE_BLINDING. This patch add
exponent blinding as well to mitigate side-channel attack on mpi_powm.

  • GnuPG-bug-id: T5328
  • Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance
gniibeAuthored on Apr 13 2021, 3:00 AM
Parents
rC9bc3d8de6e2a: mpi: harden add_n_cond, sub_n_cond and abs_cond against EM leakage
Branches
Unknown
Tags
Unknown
Tasks
T5328: On the (in)security of Elgamal in OpenPGP

Changes (1)

PathSize
cipher/

rCe8b7f10be275

View Options

cipher/elgamal.c

Loading...