Re OpenSSL's BN_CONSTTIME_SWAP: Purportedly "constant-time" code should not be written in C, full stop.https://stackoverflow.com/questions/29149058/does-memory-dependence-speculation-prevent-bn-consttime-swap-from-being-constant …
@mik235 @daniel_bilar Please no. Redesign to meet minimize need constant-time primitives; implement constant time primitives in assembler.
-
-
@BRIAN_____@daniel_bilar agree with first part. The second part is mostly right, but then there's JIT emulators -
@mik235@daniel_bilar Sure, but you can write your assembly code to minimize CT assumptions on instructions. Can't in high level languages. -
@BRIAN_____@daniel_bilar yeah, I think you're right.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.