Open frasertweedale opened 9 years ago
Am I right to assume this bug has actually been fixed with #12 been closed? There is still a warning in the README.
@sophie-h alas no, the latest version of cryptonite still apparently has the timing problem: https://hackage.haskell.org/package/cryptonite-0.21/docs/Crypto-PubKey-ECC-ECDSA.html
Thank you for the clarification!
Crypto.PubKey.ECC.ECDSA signing operations are vulnerable to timing attacks. Switch to a safe implementation.
http://hackage.haskell.org/package/crypto-pubkey-0.2.8/docs/Crypto-PubKey-ECC-ECDSA.html