@funkylab @gudenau Yes, if you are doing conditional memory accesses based on secret data then you're doing it wrong. But there are constant-time algorithms that don't do that. You still have to worry about non-constant-time math, but CPU vendors are starting to help, e.g. https://lwn.net/Articles/921511/
Yes, C is poorly suited for constant time algorithms, and there are newer languages like Jasmin and FaCT designed specifically for this ... but afaik they're rarely used in production.
=> More informations about this toot | View the thread | More toots from comex@mas.to
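The point about secret-dependent memory accesses, as an added example that is not part of the original post: a table lookup indexed by a secret beside a form that reads every entry and keeps one with a mask. The table contents and the names `lookup_leaky`, `lookup_ct`, `ct_eq_mask` and `mismatches` are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed 16-entry table standing in for an S-box or precomputed values. */
static const uint8_t TABLE[16] = {
    0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
    0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
};

/* Leaky: the address that is loaded depends on the secret index, so which
 * cache line gets touched can reveal it. Caller must pass secret_idx < n. */
uint8_t lookup_leaky(const uint8_t *table, size_t n, size_t secret_idx)
{
    (void)n;
    return table[secret_idx];
}

/* Returns 0xFF if a == b and 0x00 otherwise, without branching on a or b. */
static uint8_t ct_eq_mask(size_t a, size_t b)
{
    size_t x = a ^ b;                                       /* 0 iff equal   */
    size_t nz = (x | (0 - x)) >> (sizeof(size_t) * 8 - 1);  /* 1 iff x != 0  */
    return (uint8_t)(nz - 1);                               /* 0->FF, 1->00  */
}

/* Constant-time with respect to secret_idx: every entry is read in the same
 * order and the wanted one is selected by masking. An out-of-range index
 * yields 0 rather than an out-of-bounds read. */
uint8_t lookup_ct(const uint8_t *table, size_t n, size_t secret_idx)
{
    uint8_t out = 0;
    for (size_t i = 0; i < n; i++)
        out |= (uint8_t)(table[i] & ct_eq_mask(i, secret_idx));
    return out;
}

/* Counts indices where the two lookups disagree (expected: none). */
size_t mismatches(void)
{
    size_t bad = 0;
    for (size_t i = 0; i < 16; i++)
        bad += lookup_ct(TABLE, 16, i) != lookup_leaky(TABLE, 16, i);
    return bad;
}

int main(void) { return mismatches() == 0 ? 0 : 1; }
```

The C source only expresses the intent: an optimizing compiler is free to turn the mask back into a branch or an indexed load, so the generated assembly has to be checked for each compiler and target.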