Opened 3 years ago

Last modified 2 years ago

#18896 new enhancement

Test supposedly constant-time crypto primitives to verify that they are in fact constant-time

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: testing crypto constant-time side-channel disaster-waiting-to-happen
Cc: isis Actual Points:
Parent ID: Points: medium
Reviewer: Sponsor: Sponsor3-can

Description


Child Tickets

Change History (10)

comment:1 Changed 3 years ago by nickm

Points: medium

comment:2 Changed 3 years ago by nickm

Keywords: 029-nickm-unsure added

comment:3 Changed 3 years ago by nickm

Keywords: 029-proposed 029-nickm-unsure removed
Milestone: Tor: 0.2.???

comment:4 Changed 3 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:5 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:6 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:7 Changed 2 years ago by nickm

Keywords: testing crypto constant-time side-channel disaster-waiting-to-happen added

comment:8 Changed 2 years ago by isis

Cc: isis added

Is SponsorS still accurate? Would Sponsor3 also cover this?

comment:9 Changed 2 years ago by isis

Sponsor: SponsorS-canSponsor3-can

comment:10 Changed 2 years ago by isis

I revised agl's ctgrind patch for the latest valgrind. Next we'd need to make tests which exercise the crypto code with the secrets poisoned in memory.

Note: See TracTickets for help on using tickets.