Hi Everyone,
There's new research on data leakage due to cpu speculation bugs. It looks
like there are 3 or 4 new ones in addition to existing ones like Spectre
and Meltdown.
I'm changing the README's opening paragraph to read like below. About the
all we can do is apply them as a best effort, and tell folks they are
probably present.
Crypto++ attempts to resist side channel attacks using
various remediations. The remdiations are applied as a best
effort but are probably incomplete. They are incomplete due
to cpu speculation bugs like Spectre, Meltdown, Foreshadow.
Intel generally refers to them as "Microarchitectural Data
Sampling" (MDS).
We really need cpu manufacturers help here. We can't sidestep the cpu and
memory.
There's nothing special about Crypto++. Other libraries are experiencing
the same pain, like Botan and OpenSSL.
Jeff
--
You received this message because you are subscribed to "Crypto++ Users". More
information about Crypto++ and this group is available at
http://www.cryptopp.com and
http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/cryptopp-users/feaa7a85-a8f7-412e-a4a5-57e1d931ebf0%40googlegroups.com.
