1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <jeanpaulkogelman@me.com>) id 1WLBix-0006a6-9N
for bitcoin-development@lists.sourceforge.net;
Wed, 05 Mar 2014 13:19:03 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of me.com
designates 17.172.220.236 as permitted sender)
client-ip=17.172.220.236; envelope-from=jeanpaulkogelman@me.com;
helo=st11p02mm-asmtp001.mac.com;
Received: from st11p02mm-asmtp001.mac.com ([17.172.220.236])
by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1WLBiw-0006F2-C5 for bitcoin-development@lists.sourceforge.net;
Wed, 05 Mar 2014 13:19:03 +0000
Received: from [172.65.103.42] (unknown [218.188.76.249])
by st11p02mm-asmtp001.mac.com
(Oracle Communications Messaging Server 7u4-27.08(7.0.4.27.7) 64bit
(built Aug
22 2013)) with ESMTPSA id <0N1Y008T9SYXCS80@st11p02mm-asmtp001.mac.com>
for bitcoin-development@lists.sourceforge.net; Wed,
05 Mar 2014 13:18:37 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=fsecure
engine=2.50.10432:5.11.87,1.0.14,0.0.0000
definitions=2014-03-05_05:2014-03-05, 2014-03-05,
1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0
suspectscore=2 phishscore=0 adultscore=0 bulkscore=0 classifier=spam
adjust=0
reason=mlx scancount=1 engine=7.0.1-1401130000
definitions=main-1403050041
Content-type: text/plain; charset=us-ascii
MIME-version: 1.0 (1.0)
From: Jean-Paul Kogelman <jeanpaulkogelman@me.com>
X-Mailer: iPhone Mail (11B651)
In-reply-to: <CAPg+sBgRn_hOVzTRwvtYaLEKmJR9Lfb-WDsA4eh9+FfAv9+Q5Q@mail.gmail.com>
Date: Wed, 05 Mar 2014 21:18:31 +0800
Content-transfer-encoding: quoted-printable
Message-id: <B8414072-3C87-46BE-82DA-B372927300AA@me.com>
References: <CANEZrP25N7W_MeZin_pyVQP5pC8bt5yqJzTXt_tN1P6kWb5i2w@mail.gmail.com>
<CAPg+sBgRn_hOVzTRwvtYaLEKmJR9Lfb-WDsA4eh9+FfAv9+Q5Q@mail.gmail.com>
To: Pieter Wuille <pieter.wuille@gmail.com>
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1WLBiw-0006F2-C5
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] New side channel attack that can recover
Bitcoin keys
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 05 Mar 2014 13:19:03 -0000
> On Mar 5, 2014, at 8:56 PM, Pieter Wuille <pieter.wuille@gmail.com> wrote:=
>=20
>> On Wed, Mar 5, 2014 at 1:49 PM, Mike Hearn <mike@plan99.net> wrote:
>> I am not currently aware of any efforts to make OpenSSL's secp256k1
>> implementation completely side channel free in all aspects. Also,
>> unfortunately many people have reimplemented ECDSA themselves and even if=
>> OpenSSL gets fixed, the custom implementations probably won't.
>=20
> As far as I know, judging from the implementation, there is hardly any
> effort to try to prevent timing attacks.
>=20
Is it safe to assume that this is also true for your secp256k1 implementatio=
n?
jp
> --=20
> Pieter
>=20
> --------------------------------------------------------------------------=
----
> Subversion Kills Productivity. Get off Subversion & Make the Move to Perfo=
rce.
> With Perforce, you get hassle-free workflows. Merge that actually works.=20=
> Faster operations. Version large binaries. Built-in WAN optimization and t=
he
> freedom to use Git, Perforce or both. Make the move to Perforce.
> http://pubads.g.doubleclick.net/gampad/clk?id=3D122218951&iu=3D/4140/ostg.=
clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
|