
zimmerfrei | 2 years ago

But then, the vast majority of the affected libraries on that page don't use GMP at all, but their own custom implementation (including OpenSSL).

In reality, RSA signing with blinding will make any implementation (including those based on GMP) resistant to side-channel attacks targeted at the private key.

What most of these libraries tripped over in that case is the treatment of the plaintext in a side-channel-safe way after the private key operation. For instance, just the simple conversion of an integer to a byte string can be targeted.
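The integer-to-byte-string point above, as an added example that is not from the comment or from any library it mentions: a minimal-length conversion that skips leading zero bytes beside a fixed-width one that always emits the modulus-sized output. The limb layout (little-endian array of 32-bit limbs) and the function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical bignum layout: limbs[0] is the least significant 32-bit word. */

/* Minimal-length encoding, as a careless conversion might do it: leading zero
 * bytes are skipped, so the number of iterations that write output, the output
 * length and the store addresses all depend on the value being converted. After
 * an RSA private-key operation that value is secret-dependent, so this leaks. */
size_t int_to_bytes_leaky(const uint32_t *limbs, size_t nlimbs, uint8_t *out)
{
    size_t n = 0;
    int started = 0;
    for (size_t i = nlimbs; i-- > 0; ) {
        for (int shift = 24; shift >= 0; shift -= 8) {
            uint8_t b = (uint8_t)(limbs[i] >> shift);
            if (!started && b == 0)      /* branch on secret-dependent data */
                continue;
            started = 1;
            out[n++] = b;
        }
    }
    return n;
}

/* Fixed-width encoding (I2OSP with the length fixed to 4 * nlimbs, i.e. the
 * modulus size): the loop count, the output length and every store address are
 * fixed by nlimbs alone and never by the limb values. Leading zeros are kept. */
size_t int_to_bytes_fixed(const uint32_t *limbs, size_t nlimbs, uint8_t *out)
{
    for (size_t i = 0; i < nlimbs; i++) {
        uint32_t w = limbs[nlimbs - 1 - i];   /* most significant limb first */
        out[4 * i + 0] = (uint8_t)(w >> 24);
        out[4 * i + 1] = (uint8_t)(w >> 16);
        out[4 * i + 2] = (uint8_t)(w >> 8);
        out[4 * i + 3] = (uint8_t)(w);
    }
    return 4 * nlimbs;
}
```

Compiling both with optimisation and inspecting the generated code, or running them under a tool that flags secret-dependent branches, shows the difference: only the first function has control flow that varies with the input.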
