Avoid branch-based timing leak in point addition

paragonie / phpecc

Pure PHP Elliptic Curve Cryptography Library

17 stars 3 forks source link

Closed paragonie-security closed 6 months ago

paragonie-security commented 6 months ago

The "point doubling" vs "point at infinity" condition is replaced by a constant-time swap.