request for TLBleed information / non-constant-time vulnerabilities
Michael R. Hines
mrhines at digitalocean.com
Tue Jul 31 02:03:29 CEST 2018
Greetings,
Our team is trying to get an accurate understanding of whether or not
the most recent version of libgcrypt does or does not remain vulnerable
to the timing attack document here:
https://www.vusec.net/wp-content/uploads/2018/07/tlbleed-author-preprint.pdf
In addition to that, more generally, as a cloud provider we are also
looking for input and guidance on whether or not there are other
locations that should be of concern within libgcrypt from the
perspective of TLBleed.
Thank you!
--
/*
* Michael R. Hines
* Staff Engineer, DigitalOcean.
*/
More information about the Gcrypt-devel
mailing list