Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
On 11/08/2011 12:28 AM, Jacob Appelbaum wrote:
> On 11/07/2011 09:29 PM, coderman wrote:
>> On Sun, Nov 6, 2011 at 5:57 PM, Moritz Bartl <moritz@xxxxxxxxxxxxxx> wrote:
>>> [notice] Using OpenSSL engine Intel AES-NI engine [aesni] for AES
>>
>> are getting not only 3x-10x+ performance improvement in AES ops, but
>> also avoiding nearly all side channel attacks against AES!
>
> Aren't you really just replacing them with hardware specific side
> channel attacks against their implementation of AES? :)

I wouldn't think so.
My understanding is that the problem with AES is that a straightforward
implementation performs lots of table lookups and the access pattern is
dependent on the secret key. This leaks information via cache timing.
AES-NI converts this to a single instruction which is said to operate in
constant time. So that would be a back door, not a side channel attack. :-)
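The key-dependent table access described in the message above, as an added example that is not part of the original thread: a direct lookup touches one cache line chosen by the key byte, while a full-table scan touches the same lines for every key. The table contents, the key bytes, the 64-byte line size and all function names are assumptions made for the illustration, and the bitmask is a software model of cache lines, not a timing measurement.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed model: 256-entry table of 4-byte words, 64-byte cache lines,
 * table aligned to a line boundary, so 16 entries share one line. */
#define ENTRIES 256
#define PER_LINE 16

static uint32_t table[ENTRIES];  /* stand-in for an AES lookup table */
static uint16_t touched;         /* bit n set = modelled line n was read */

static uint32_t load(unsigned idx) {      /* instrumented table read */
    touched |= (uint16_t)(1u << (idx / PER_LINE));
    return table[idx];
}

/* Straightforward lookup: the address read depends on the key byte. */
static uint32_t lookup_direct(uint8_t pt, uint8_t key) {
    return load((uint8_t)(pt ^ key));
}

/* Key-independent access pattern: read every entry, keep one by mask. */
static uint32_t lookup_scan(uint8_t pt, uint8_t key) {
    uint32_t want = (uint8_t)(pt ^ key), out = 0;
    for (unsigned i = 0; i < ENTRIES; i++) {
        uint32_t mask = 0u - (((i ^ want) - 1u) >> 31); /* ~0 iff i == want */
        out |= load(i) & mask;
    }
    return out;
}

/* Runs one lookup, stores its result, returns the bitmask of lines read. */
uint16_t lines_touched(int use_scan, uint8_t pt, uint8_t key, uint32_t *out) {
    for (unsigned i = 0; i < ENTRIES; i++)
        table[i] = i * 0x01010101u;       /* constructed table contents */
    touched = 0;
    *out = use_scan ? lookup_scan(pt, key) : lookup_direct(pt, key);
    return touched;
}

int main(void) {
    uint8_t keys[] = { 0x3A, 0xC5 };      /* constructed sample key bytes */
    for (int k = 0; k < 2; k++) {
        uint32_t v;
        printf("key=%02x direct=%04x ", (unsigned)keys[k],
               (unsigned)lines_touched(0, 0, keys[k], &v));
        printf("scan=%04x\n", (unsigned)lines_touched(1, 0, keys[k], &v));
    }
    return 0;
}
```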