On Friday, July 26, 2019 at 12:56:48 AM UTC-4, Jeffrey Walton wrote:
>
> Hi Everyone,
>
> We received a private email concerning an ECDSA timing attack by Ján 
> Jančár.
>
> We are tracking the report at 
> https://github.com/weidai11/cryptopp/issues/869 .
>

A quick update... We are still trying to reproduce the results from 
ECTester. We still don't have a baseline yet.

Jančár offered a patch for the leak in nonce length. But the gorilla in the 
room is the leaks in Add(), Double() and Multiply().

Jeff
