Changes between Initial Version and Version 1 of Ticket #22197, comment 1


Timestamp:
May 8, 2017, 6:20:36 PM (2 years ago)
Author:
yawning

  • Ticket #22197, comment 1

    initial  v1
    1        1   For the non-TLS cases, a constant time AES could be easily substituted (and I have one for Go, though performance is not great).  Making Go's TLS safe against timing attacks will require forking the TLS stack in the runtime library.
             2
             3   nb: I don't see myself doing a constant time GHASH.  So just replacing the AES is insufficient to fix GCM-AES.