Re: SSH Weak Ciphers




Hi,

On Thu, 2016-10-20 at 13:47 +0200, Leonard den Ottolander wrote:
> The point Bernstein makes in the article I referenced is not so much
> that the NIST curves are suspect (for the reasons you mention) but the
> fact that the ECDSA algorithm itself is such that it is virtually
> impossible to implement in such a way that the code uses constant time.
> This opens the door for side channel (timing) attacks. The fact that you
> use a "nothing up my sleeve" curve does not change that fact.

Rereading the article I'm not sure again if my last statement is
correct... Perhaps Bernstein's objections against ECDSA are against ECDSA
+NIST-curves (because those use parameters that make a constant time
implementation hard?) and not vs ECDSA as such. "Every natural
implementation of ECDSA" is a bit ambiguous in this respect...

Regards,
Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
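The thread above talks about ECDSA implementations not being constant time without showing where the secret-dependent timing comes from. The following is an added example (not code from the thread, from Bernstein, or from any CentOS package) that makes the general mechanism visible: ECDSA signing computes k*G for a secret per-signature nonce k, and the textbook double-and-add scalar multiplication performs one extra point addition per set bit of k, so its operation count depends on the nonce. A Montgomery ladder does the same work for every k. The curve constants are secp256k1 as typed here (assumed correct; the block checks them), the names and the instrumentation counters are mine, and Python big-integer arithmetic is itself variable-time, so this demonstrates operation-count leakage only, not a production constant-time design.

```python
"""Added example: instrumented scalar multiplication on secp256k1 showing
why a textbook ECDSA nonce multiplication is not constant-time.

Curve constants assumed to be secp256k1 (checked by curve_sanity()).
Affine coordinates, point at infinity represented as None.
"""

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
A = 0
B = 7
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (GX, GY)
INF = None  # point at infinity


def point_double(pt, stats):
    """Affine doubling; stats counts every call so work can be compared."""
    stats["dbl"] += 1
    if pt is INF or pt[1] == 0:
        return INF
    x, y = pt
    lam = (3 * x * x + A) * pow(2 * y, -1, P) % P
    x3 = (lam * lam - 2 * x) % P
    return (x3, (lam * (x - x3) - y) % P)


def point_add(p1, p2, stats):
    """Affine addition handling the infinity and P + (-P) cases."""
    stats["add"] += 1
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if y1 != y2:
            return INF  # P + (-P)
        return point_double(p1, stats)
    lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def double_and_add(k, pt):
    """Textbook left-to-right scalar multiplication. The addition inside
    the loop runs only for set bits of k, so the amount of work (and the
    running time) is a function of the secret scalar."""
    stats = {"add": 0, "dbl": 0}
    r = INF
    for bit in bin(k)[2:]:
        r = point_double(r, stats)
        if bit == "1":
            r = point_add(r, pt, stats)
    return r, stats


def montgomery_ladder(k, pt, bits=256):
    """Same result, but exactly one add and one double per bit position
    regardless of k. A real constant-time ladder replaces the `if` with a
    branch-free conditional swap; the branch is kept here for clarity."""
    stats = {"add": 0, "dbl": 0}
    r0, r1 = INF, pt
    for i in range(bits - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = point_add(r0, r1, stats), point_double(r1, stats)
        else:
            r1, r0 = point_add(r0, r1, stats), point_double(r0, stats)
    return r0, stats


def timing_profile(k):
    """(naive adds, naive doubles, ladder adds, ladder doubles) for nonce k.
    The first two vary with k; the last two do not."""
    naive, s1 = double_and_add(k, G)
    ladder, s2 = montgomery_ladder(k, G)
    assert naive == ladder
    return s1["add"], s1["dbl"], s2["add"], s2["dbl"]


def ecdsa_sign(priv, z, k, scalar_mul):
    """Minimal ECDSA over the hash value z with nonce k. scalar_mul is the
    routine whose timing leaks (or does not leak) information about k."""
    r = scalar_mul(k, G)[0][0] % N
    s = pow(k, -1, N) * (z + r * priv) % N  # this inversion is variable-time too
    return r, s


def ecdsa_verify(pub, z, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    u1, u2 = z * w % N, r * w % N
    pt = point_add(montgomery_ladder(u1, G)[0], montgomery_ladder(u2, pub)[0],
                   {"add": 0, "dbl": 0})
    return pt is not INF and pt[0] % N == r


def curve_sanity():
    """True if G lies on y^2 = x^3 + 7 and has order N under these routines."""
    on_curve = (GY * GY - (GX ** 3 + A * GX + B)) % P == 0
    return on_curve and double_and_add(N, G)[0] is INF


if __name__ == "__main__":
    # Constructed nonces: same bit length, different Hamming weight.
    for k in (0b10000000, 0b11111111):
        print(f"k={k:08b}: naive(add,dbl)/ladder(add,dbl) = {timing_profile(k)}")
```

The naive loop's addition count equals the Hamming weight of k and its doubling count equals the bit length of k, so an attacker who can time many signatures learns the nonce's length or weight; leaking only the nonce bit length across enough signatures is already sufficient input for the well-known lattice attacks on ECDSA. The ladder's counts are the same for every k. Being constant in operation count is necessary but not sufficient: the branch on the bit, the secret-dependent memory access, and the modular inversions must also be made data-independent, which is the part that is hard to get right in "natural" implementations.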


