Boost :

From: Peter Dimov (pdimov_at_[hidden])
Date: 2024-12-11 17:43:06

• Next message: Claudio DeSouza: "Re: [Hash2] Result extension"
• Previous message: Peter Dimov: "Re: [hash2] Difference from paper: HashAlgorithm interface vs. function object"
• In reply to: Tom Kent: "Re: [hash2] Formal Review Begins"
• Next in thread: Ruben Perez: "Re: [hash2] Formal Review Begins"

Tom Kent wrote:
> For example, there have been timing attacks against SHA-2/HMAC where the
> difference in the amount of time processing takes can leak information about
> the secret key.
> https://dl.acm.org/doi/10.1007/978-3-030-89915-8_2

This is an attack against a hardware implementation of HMAC-SHA2-256. The
paper doesn't seem to be freely available, but I _think_ that it relies on data
leaks via changes in power consumption.

This doesn't seem applicable to software implementations, and I wasn't able
to find attacks against software HMAC-SHA2-256. (Admittedly, after a not
that exhaustive search attempt.)

Either way, if you think that not having a SHA-2 implementation in Boost
will increase the resistance of the collective body of C++ code against side
channel attacks, I can only say that I believe you are very much mistaken.

• Next message: Claudio DeSouza: "Re: [Hash2] Result extension"
• Previous message: Peter Dimov: "Re: [hash2] Difference from paper: HashAlgorithm interface vs. function object"
• In reply to: Tom Kent: "Re: [hash2] Formal Review Begins"
• Next in thread: Ruben Perez: "Re: [hash2] Formal Review Begins"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk