Add timing attack countermeasures to Kalyna (Issue 411)

The code at check-in a5c67cfdd6 did not include it. Unlike Threefish, it looks like Kalyna could benefit from the cache hardening given how similar Kalyna is to AES. The hardening costs less than 0.1 cpb, which equates to about 199 MB/s vs 201 MB/s on a 6th gen Skylake.
pull/416/head
Jeffrey Walton 2017-05-06 20:14:26 -04:00
parent 14236ce94b
commit 9cf9f4235d
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
1 changed files with 9 additions and 0 deletions


@ -1227,6 +1227,15 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
{
// Timing attack countermeasure. see comments in Rijndael for more details
const int cacheLineSize = GetCacheLineSize();
volatile word32 _u = 0;
word32 u = _u;
for (unsigned int i=0; i<COUNTOF(KalynaTab::S); i+=cacheLineSize)
u &= *reinterpret_cast<const word32*>(KalynaTab::S+i);
m_wspace[0] = u;
switch ((m_nb << 8) | m_nk)
{
case (2 << 8) | 2:
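Review bot: the loop bound and stride in the new countermeasure only sweep the whole S-box table if `KalynaTab::S` is a flat array of `byte`: `COUNTOF(KalynaTab::S)` counts elements of the declared array, and `KalynaTab::S+i` advances by one element per unit of `i`, so if `S` is declared with a wider element type or as a two-dimensional array, `COUNTOF` is far smaller than the table's byte length and the loop touches only the first row or only the first cache line, leaving most of the table uncached and the timing leak largely intact. A byte-based form avoids depending on the declaration, e.g. `const byte *p = reinterpret_cast<const byte*>(KalynaTab::S);` followed by `for (unsigned int i=0; i<sizeof(KalynaTab::S); i+=cacheLineSize) u &= *reinterpret_cast<const word32*>(p+i);`. Two smaller points: the `word32` load at offset `i` stays inside the table only when the table's byte size is a multiple of the cache line size (or at least leaves four bytes after the last offset), which deserves a comment or a static assertion; and the comment "// Timing attack countermeasure. see comments in Rijndael for more details" should read "See comments in Rijndael..." to match the sentence style used elsewhere in the file.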