From 2c295b2454c6ebb6e389a58e0cfae471479afe07 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Mon, 8 Jan 2018 09:13:15 -0500 Subject: [PATCH] Add topic on Side Channel leakage --- Readme.txt | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Readme.txt b/Readme.txt index 54e22009..5b9d1277 100644 --- a/Readme.txt +++ b/Readme.txt @@ -202,6 +202,14 @@ The makefile links to the static version of the Crypto++ library to avoid binary planting and other LD_PRELOAD tricks. You should use the static version of the library in your programs to help avoid unwanted redirections. +*** Side Channel Attacks *** + +Crypto++ attempts to resist side channel attacks using various remediations. We +believe the library is hardened but the remdiations may be incomplete. The first +line of defense uses hardware instructions when possible. The library also uses +cache-aware algoirthms and access patterns to minimize leakage. If you suspect +or find an information leak then please report it. + *** Documentation and Support *** Crypto++ is documented through inline comments in header files, which are