| field | value | date |
|---|---|---|
| author | Jack Lloyd <[email protected]> | 2015-11-29 02:45:49 -0500 |
| committer | Jack Lloyd <[email protected]> | 2015-11-29 02:45:49 -0500 |
| commit | ebf2164a972517ee405428d9d0641fe296aba745 | |
| tree | b60831471a37219902d5d6a165b03700f550a402 /doc | |
| parent | 0bc108a29fd2e7ff6fe992ea8e6c56a5cde27e34 | |
Improve side channel attack resistance of table based AES impl
Diffstat (limited to 'doc')
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | doc/news.rst | 8 |
| -rw-r--r-- | doc/todo.rst | 1 |
2 files changed, 8 insertions, 1 deletions
diff --git a/doc/news.rst b/doc/news.rst index 68a81f189..bf6b91535 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -9,7 +9,11 @@ Version 1.11.25, Not Yet Released adopted over time, each of which was insufficient on its own for testing the entire library. These have been fully converged on a new framework which suffices for all of the tests. There should be no user-visible change as a - result of this. + result of this, except that the output format of `botan-test` has changed. + +* Improved side channel countermeasures for the table based AES implementation, + by ensuring the table is loaded into memory at start and computing the table + at runtime to avoid flush+reload based attacks due to shared VMM mappings. * The OpenSSL implementation of RC4 would return the wrong value from `name` if leading bytes of the keystream had been skipped in the output. @@ -30,6 +34,8 @@ Version 1.11.25, Not Yet Released * Added `remove_all` function to the `TLS::Session_Manager` interface +* Avoid GCC warning in pedantic mode when including bigint.h GH #330 + Version 1.11.24, 2015-11-04 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/doc/todo.rst b/doc/todo.rst index 11bfc8836..5ea142464 100644 --- a/doc/todo.rst +++ b/doc/todo.rst @@ -57,6 +57,7 @@ Symmetric Algorithms, Hashes, ... ---------------------------------------- * Bitsliced AES or Camellia +* Compressed tables for AES * Camellia with AES-NI * Serpent using AVX2 * Serpent using SSSE3 pshufb for sboxes |
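Review bot: in the first news.rst hunk, "ensuring the table is loaded into memory at start" is ambiguous about what the countermeasure actually does: it can be read as loading the table from disk, whereas what matters against a flush+reload attacker is that every cache line of the table is touched before the first data-dependent lookup. Suggest saying that directly, and also spelling out why "computing the table at runtime" helps, namely that a table built at runtime lives in the process's own writable memory rather than in a read-only page of the shared library image that other processes can map and flush. It would also be worth stating the scope honestly in the entry (this addresses cross-process flush+reload on shared mappings, not every cache-timing channel) so the changelog does not read as a complete fix. Separately, the `botan-test` output format remark added to the preceding paragraph is unrelated to the commit subject and belongs with the test-framework change it describes.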
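Review bot: the `Avoid GCC warning in pedantic mode when including bigint.h GH #330` line in the second news.rst hunk has nothing to do with the AES side channel change named in the commit subject; bundling changelog entries from unrelated fixes into one commit makes the history harder to bisect and to cherry-pick onto a release branch. Suggest committing this entry together with the bigint.h change itself, and setting the issue reference off from the sentence, e.g. `... including bigint.h (GH #330)`, so the reference is not read as part of the file name.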
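Review bot: `* Compressed tables for AES` in the todo.rst hunk gives no indication of what is meant or why it is wanted. Since this commit's news entry describes touching the whole AES table before use, a one-line rationale (presumably that a smaller table means fewer cache lines to prefetch before each block operation and fewer distinct lines for a cache-timing attacker to observe) would let a future contributor pick the item up without having to find this commit; e.g. `* Compressed tables for AES (fewer cache lines to preload per block)`.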