sancus-tee / sancus-core

Minimal OpenMSP430 hardware extensions for isolation and attestation
BSD 3-Clause "New" or "Revised" License

Constant-time crypto state machine tag comparison #27

Open jovanbulck opened 2 years ago

jovanbulck commented 2 years ago

Documenting here a known issue (which I spotted some time ago already): the hardware-level crypto state machine does not properly verify tags in constant time.

Depending on the application and usage, this could be dangerously exploited in a timing side channel to brute-force expected tags (e.g. as used by sancus_verify) in linear time, byte by byte.

Note this is not a problem when calling sancus_tag and then doing the provided tag comparison in constant-time software (e.g. as done in VulCAN).

Solution. The crypto state machine should always behave in constant time and only check the tag_ok signal after mem_done has finished:

https://github.com/sancus-tee/sancus-core/blob/master/core/rtl/verilog/crypto/crypto_control.v#L157

        VERIFY_TAG:        next_state = tag_ok      ? VERIFY_TAG_WAIT   : FAIL;        // tag_ok sampled every round: a mismatch exits early
        VERIFY_TAG_WAIT:   next_state = mem_done    ? SUCCESS           :
                                        wrap_busy   ? VERIFY_TAG_WAIT   : VERIFY_TAG;  // loops back to VERIFY_TAG until mem_done
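A software model of the two behaviours, added here as an example and not code from sancus-core: the early-exit comparison the issue describes beside a variant that samples the result once, after the last block, with a cycle counter showing that only the former leaks how many leading tag bytes were correct. The byte-granular loop, the 16-byte tag and the sample values are assumptions of the model.

```c
#include <stdint.h>
#include <string.h>

#define TAG_LEN 16  /* Sancus MACs are 128-bit; the model is byte-granular */

/* Model of the current state machine: tag_ok is sampled every round, so a
 * mismatch jumps to FAIL at once and the cycle count leaks how many
 * leading bytes of the candidate were right. */
static int verify_early_exit(const uint8_t *tag, const uint8_t *exp,
                             size_t len, unsigned *cycles)
{
    *cycles = 0;
    for (size_t i = 0; i < len; i++) {
        (*cycles)++;                    /* one VERIFY_TAG -> WAIT round */
        if (tag[i] != exp[i]) return 0; /* early FAIL */
    }
    return 1;
}

/* Model of the proposed fix: consume the whole tag, fold mismatches into a
 * sticky flag, decide only after the last block ("mem_done"). This is the
 * same shape as a constant-time memcmp in software. */
static int verify_constant_time(const uint8_t *tag, const uint8_t *exp,
                                size_t len, unsigned *cycles)
{
    uint8_t diff = 0;
    *cycles = 0;
    for (size_t i = 0; i < len; i++) {
        (*cycles)++;
        diff |= tag[i] ^ exp[i];        /* no data-dependent branch */
    }
    return diff == 0;
}

struct trial { int ok_early, ok_ct; unsigned cyc_early, cyc_ct; };

/* Constructed input: a fixed expected tag and a candidate whose first
 * `prefix` bytes match it (prefix == TAG_LEN gives a fully correct tag). */
static struct trial model_compare(size_t prefix)
{
    uint8_t exp[TAG_LEN], cand[TAG_LEN];
    for (size_t i = 0; i < TAG_LEN; i++) exp[i] = (uint8_t)(0x5a + 3 * i);
    memcpy(cand, exp, TAG_LEN);
    if (prefix < TAG_LEN) cand[prefix] ^= 0xff;
    struct trial t;
    t.ok_early = verify_early_exit(cand, exp, TAG_LEN, &t.cyc_early);
    t.ok_ct = verify_constant_time(cand, exp, TAG_LEN, &t.cyc_ct);
    return t;
}
```

Calling model_compare() for increasing prefix lengths makes the early-exit cycle count grow with the prefix while the constant-time variant always reports TAG_LEN cycles.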