Note from a donor

Kagamin spam at here.lot
Fri Oct 27 17:35:17 UTC 2017


On Wednesday, 25 October 2017 at 14:17:21 UTC, Jonathan M Davis 
wrote:
> The point still stands though that you have to be _very_ 
> careful when implementing anything security related, and it's 
> shockingly easy to do something that actually leaks information 
> even if it's not outright buggy (e.g. the timing of the code 
> indicates something about success or failure to an observer)

Fun read: http://cr.yp.to/papers.html#cachetiming - a cache 
timing attack on AES recovering full key. This flaw was accounted 
for in Salsa and Chacha design.


More information about the Digitalmars-d mailing list