[rust-dev] Rust crypto highlights

Tony Arcieri bascule at gmail.com
Wed Oct 8 21:53:24 PDT 2014


On Wed, Oct 8, 2014 at 7:34 PM, Palmer Cox <palmercox at gmail.com> wrote:

> rust-crypto and timing attacks [...] AES-NI [...] no one has verified that
> LLVM optimizations [...] assembly code [...] build something like
> rust-constanttime
>

Seems like an OK trajectory, but it would be good to verify if data
dependent timings give attackers a useful statistical signal in Rust crypto
applications, even ones where the core is assembly. I am working on a
library for measuring this empirically.

-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/rust-dev/attachments/20141008/8b9ae465/attachment.html>


More information about the Rust-dev mailing list