Open Blckbrry-Pi opened 2 months ago
This stack of pull requests is managed by Graphite. Learn more about stacking.
Join @Blckbrry-Pi and the rest of your teammates on Graphite
I'm not too familiar with this kind if attack, is it possible to write a unit test that confirms this attack is no longer valid after this patch?
Almost definitely not. The theoretical timing attack I proposed would probably take about 3 days minimum to attempt, and that would be if the attacker was on the lucky side.
I can almost guarantee that this style of timing attack will be impossible until a method is released to manipulate SHA256 hashes bit by bit.
Resolves OGB-53