-
Notifications
You must be signed in to change notification settings - Fork 686
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Constant time base64 #559
Comments
I agree, but the problems can be avoided much more simply by not using base64 at all. ring intentionally doesn't support any base64 functionality as of now. OTOH it wouldn't be hard to add constant-time base64 to ring using its internal constant-time primitives, but it might be problematic to export enough of the private constant-time primitives so that others can implement base64 themselves on top of ring, so I'd at least review a PR that adds this. |
I agree that using base64 for secrets is a bad idea. On the other hand, a
lot of formats require it.
My current thought is to start with a simple implementation, then perhaps
later add optimized implementations that use SIMD instructions. I suspect
that SIMD should be a big win.
…On Jul 19, 2017 10:18 PM, "Brian Smith" ***@***.***> wrote:
I agree, but the problems can be avoided much more simply by not using
base64 at all. *ring* intentionally doesn't support any base64
functionality as of now. OTOH it wouldn't be hard to add constant-time
base64 to *ring* using its internal constant-time primitives, but it
might be problematic to export enough of the private constant-time
primitives so that others can implement base64 themselves on top of *ring*,
so I'd at least review a PR that adds this.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#559 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AGGWBxCu0PmuUUd_ogroMASRQNq7Df2Pks5sPrj7gaJpZM4OdeQL>
.
|
I don't think there's any need for a SIMD implementation for secrets, as secrets are small. |
This is needed to avoid a timing leak when reading and writing PEM encoded structures.
The text was updated successfully, but these errors were encountered: