What's better than a key extraction bug in a major crypto library? How about a key extraction bug in 11 major crypto libraries? My latest research: https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ …
-
-
Replying to @inf_0_
If there's one thing I'm really enjoying about the last year it's how you just can't implement _any_ performance optimization ever without introducing some sort of side channel vulnerability.
1 reply 4 retweets 18 likes
I'm really glad to see us moving past the "optimizations C compilers do are anti-security evil, but here look at this cool speculative execution!" dogma.
4:01 PM - 13 Jun 2018
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.