dalek-cryptography / subtle

Pure-Rust traits and utilities for constant-time cryptographic implementations.
BSD 3-Clause "New" or "Revised" License

Make use of Data-Independent Timing (DIT) on Arm #139

Open tgross35 opened 2 months ago

tgross35 commented 2 months ago

aarch64 supports data-independent timing https://developer.arm.com/documentation/ddi0595/2020-12/AArch64-Registers/DIT--Data-Independent-Timing, which is also available on Apple silicon https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations. Would it be advantageous to make use of the feature in this crate?

tarcieri commented 2 months ago

FWIW I wrote a very barebones wrapper for it here: https://github.com/RustCrypto/utils/pull/1102

tgross35 commented 2 months ago

It looks like Intel has something similar, but I have no idea how well supported that is https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html

tarcieri commented 2 months ago

The aarch64-dit crate is now available: https://docs.rs/aarch64-dit

Though subtle could make use of it (and it supports nested usages) the real benefit would probably be the outer code which leverages subtle using it.
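The pattern tarcieri describes above (the outer code enabling DIT around a region that uses subtle-style constant-time primitives, with nesting allowed) is shown below as an added example. This is not code from subtle or from the aarch64-dit crate; it is a stand-alone sketch written for this thread. It assumes the AArch64 `DIT` PSTATE bit at the encoded system-register name `S3_3_C4_C2_5` (bit 24), uses `std::arch::is_aarch64_feature_detected!("dit")` to avoid trapping on cores without FEAT_DIT, and compiles to a no-op on every other architecture so the surrounding code stays portable. The `DitGuard`, `with_dit` and `ct_eq` names are this example's own.

```rust
use std::hint::black_box;

/// Read PSTATE.DIT. On aarch64 this is `mrs <Xt>, DIT`, written with the
/// generic S3_3_C4_C2_5 encoding so the assembler accepts it without an
/// extra target-feature flag. Returns false on non-aarch64 targets.
#[cfg(target_arch = "aarch64")]
fn dit_read() -> bool {
    if !std::arch::is_aarch64_feature_detected!("dit") {
        return false;
    }
    let v: u64;
    // SAFETY: reading a PSTATE field has no side effects.
    unsafe { core::arch::asm!("mrs {}, S3_3_C4_C2_5", out(reg) v, options(nomem, nostack)) };
    (v >> 24) & 1 == 1
}

/// Write PSTATE.DIT (register form of `msr DIT, <Xt>`; bit 24 is DIT).
/// Silently does nothing if the core lacks FEAT_DIT.
#[cfg(target_arch = "aarch64")]
fn dit_write(enable: bool) {
    if !std::arch::is_aarch64_feature_detected!("dit") {
        return;
    }
    let v: u64 = if enable { 1 << 24 } else { 0 };
    // SAFETY: DIT only changes timing guarantees, never program semantics.
    unsafe { core::arch::asm!("msr S3_3_C4_C2_5, {}", in(reg) v, options(nomem, nostack)) };
}

// Portable fallback: no DIT support, so these are no-ops (assumption: callers
// accept "best effort" on other architectures rather than an error).
#[cfg(not(target_arch = "aarch64"))]
fn dit_read() -> bool {
    false
}
#[cfg(not(target_arch = "aarch64"))]
fn dit_write(_enable: bool) {}

/// RAII guard: enables DIT on construction and restores the *previous* value
/// on drop, so guards nest correctly (an inner guard never clears DIT that an
/// outer guard still relies on).
pub struct DitGuard {
    previous: bool,
}

impl DitGuard {
    pub fn new() -> Self {
        let previous = dit_read();
        dit_write(true);
        DitGuard { previous }
    }
}

impl Drop for DitGuard {
    fn drop(&mut self) {
        dit_write(self.previous);
    }
}

/// Run `f` with DIT enabled; the guard is dropped even if `f` panics.
pub fn with_dit<T>(f: impl FnOnce() -> T) -> T {
    let _guard = DitGuard::new();
    f()
}

/// Whether DIT is currently enabled (always false off aarch64).
pub fn dit_enabled() -> bool {
    dit_read()
}

/// Constant-time equality over equal-length slices: every byte is visited and
/// the result is accumulated with OR, so no data-dependent early exit exists.
/// Lengths are treated as public, so a length mismatch may return early.
pub fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    let mut diff = 0u8;
    for (x, y) in a.iter().zip(b) {
        diff |= x ^ y;
    }
    // black_box discourages the optimizer from turning the fold into a
    // short-circuiting comparison.
    black_box(diff) == 0
}

fn main() {
    // Constructed sample inputs: a MAC-style tag compared against a candidate.
    let tag = [0x5au8; 16];
    let mut candidate = tag;
    candidate[15] ^= 1;
    let matches = with_dit(|| {
        let _inner = DitGuard::new(); // nested guard, restored before outer drop
        (ct_eq(&tag, &tag), ct_eq(&tag, &candidate))
    });
    println!("equal: {}, tampered: {}, dit after: {}", matches.0, matches.1, dit_enabled());
}
```

The only security-relevant behaviour lives in the guard's `Drop`: restoring the saved value instead of unconditionally writing 0 is what makes the nesting the thread mentions safe. Note that DIT bounds timing only for the instructions Arm documents as DIT-covered; it does not rescue code that branches or indexes on secrets, which is why the constant-time construction in `ct_eq` is still needed inside the region.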