max-au
commented
2 years ago With newer openSSL versions blinding no longer causes lock contention.
Closed max-au closed 2 years ago
max-au
commented
2 years ago With newer openSSL versions blinding no longer causes lock contention.
Existing OTP implementation suffers from a concurrency issue caused by openSSL RSA timing attack mitigation (blinding mechanism). Solving the problem requires a different approach to passing RSA private keys from OTP crypto module to openSSL NIF counterpart.