nanosleep is the fix? Hm. I wonder if remote cache-timing attacks are practical. ;) #realworldcrypto
@DLitz the delay is protocol layer, for all errors, experimenting with 10s < delay < 30s now too. But the crypto layer also now O(1)
@colmmacc Why delay at all if decrypt-then-verify is already constant-time?
@DLitz defense in depth; high level delay at outer layer works against bleichenbacher with hsm rsa or pkcs11, maybe future unknown attacks