[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+hr98HgjJAgPZUn8daOnW4vEt3gU6tm_Vk=uLYwkrgEUdO3OA@mail.gmail.com>
Date: Tue, 30 Sep 2014 14:09:47 +0200
From: Krisztián Pintér <pinterkr@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] Design Rationale and Security Analysis of PHC candidates
On Tue, Sep 30, 2014 at 1:59 PM, Dmitry Khovratovich
<khovratovich@...il.com> wrote:
> It applies to the schemes that may leak secret information via timing
> side-channels.
in this case, i would refer to gambit documentation page 4 "notes on security"
The design obeys the recommendations of Crypto Coding Standard, specifically:
✓ Avoid branchings controlled by secret data
✓ Avoid table lookups indexed by secret data
✓ Avoid secret dependent loop bounds
what would you consider needed to classify as "explored"?
Powered by blists - more mailing lists