Libgcrypt and libgmp
Werner Koch
wk at gnupg.org
Tue Sep 9 08:58:11 CEST 2014
On Tue, 9 Sep 2014 00:03, simon at josefsson.org said:
> Wasn't another reason for not using GMP directly in libgcrypt that it
> isn't written in a side-channel free way? So calling GMP functions with
Back then side-channel attacks on general purpose computers were not a
hot topic. The main concern back in 1997 was the problem that sensitive
material could end up in the swap space. Thus the mlock-ed heap and
that major change of allocating data on the heap and not on the stack.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gcrypt-devel
mailing list