Re: [RFC/RFT PATCH] crypto: aes/generic - use unaligned loads to eliminate 50% of lookup tables

Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
>
> +config CRYPTO_AES_REDUCED_TABLES
> +       bool "Use reduced AES table set"
> +       depends on CRYPTO_AES && HAVE_EFFICIENT_UNALIGNED_ACCESS
> +       default y
> +       help
> +         Use a set of AES lookup tables that is only half the size, but
> +         uses unaligned accesses to fetch the data. Given that the D-cache
> +         pressure of table based AES induces timing variances that can
> +         sometimes be exploited to infer key bits when the plaintext is
> +         known, this should typically be left enabled.
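Review bot: A hardening option whose own help text says it "should typically be left enabled" should not be a user-visible bool with `default y`; either make it non-visible (`def_bool y` under the same `depends on CRYPTO_AES && HAVE_EFFICIENT_UNALIGNED_ACCESS`) or drop the symbol and use the reduced table set unconditionally whenever unaligned access is efficient, so a user cannot deselect it by accident. The help text should also state that halving the tables reduces rather than eliminates the D-cache timing side channel it describes, so readers do not take the option as a complete fix.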

I don't think this option should exist at all, and certainly
not as a user-visible option.

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


