We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sjcl elliptic curve public key calculation time depends on private key bits, effectively leaking all the timings:
sjcl private key A x 7,624 ops/sec @ 131μs/op sjcl private key B x 117 ops/sec @ 8ms/op sjcl private key C x 56 ops/sec @ 17ms/op
Reproducible with this code:
// mkdir a && cd a && npm init -y && npm install micro-bmark sjcl-including-ecc const bmark = require('micro-bmark'); const sjcl = require('sjcl-including-ecc'); const curve = sjcl.ecc.curves.k256; const privA = '1000000000000000000000000000000000000000000000000000000000000000'; const privB = '0000000000000000000000000000010000000000000000000000000000000000'; const privC = '0000000000000000000000000000000000000000000000000000000000000001'; bmark.run(async () => { console.log(curve.G.mult(privA).isIdentity); await bmark.mark('sjcl private key A', 110, () => curve.G.mult(privA)); await bmark.mark('sjcl private key B', 110, () => curve.G.mult(privB)); await bmark.mark('sjcl private key C', 110, () => curve.G.mult(privC)); })
The text was updated successfully, but these errors were encountered:
No branches or pull requests
sjcl elliptic curve public key calculation time depends on private key bits, effectively leaking all the timings:
Reproducible with this code:
The text was updated successfully, but these errors were encountered: