Note from a donor
Kagamin
spam at here.lot
Fri Oct 27 17:35:17 UTC 2017
On Wednesday, 25 October 2017 at 14:17:21 UTC, Jonathan M Davis
wrote:
> The point still stands though that you have to be _very_
> careful when implementing anything security related, and it's
> shockingly easy to do something that actually leaks information
> even if it's not outright buggy (e.g. the timing of the code
> indicates something about success or failure to an observer)
Fun read: http://cr.yp.to/papers.html#cachetiming - a cache
timing attack on AES recovering full key. This flaw was accounted
for in Salsa and Chacha design.
More information about the Digitalmars-d
mailing list