constant-time

Import error No module named constant_time while accessing server

…衆ロ難τιáo~ submitted on 2019-12-25 08:39:47
Question: This is the follow-up of Import Modules in Nifi ExecuteScript. I am new to Python as well as NiFi. I am trying to execute my Python script in the ExecuteScript processor. I want to access a server, so I used the paramiko client. But when I run the processor, it shows "Import error No module named constant_time" at line session.write(), though I have this constant_time.py under "/usr/local/lib/python2.7/dist-packages/". I also have the path "/usr/local/lib/python2.7/dist-packages/" in sys.path. I have

Is JavaScript switch statement linear or constant time?

这一生的挚爱 submitted on 2019-12-23 19:05:08
Question: I have the following JavaScript on my site so that when certain specific searches are performed, the answer is hardcoded to a specific page: function redirect() { var input = document.getElementById('searchBox').value.toLowerCase(); switch (input) { case 'rectangular': window.location.replace('http://www.Example.com/Rectangular/'); break; case 'elephant': window.location.replace('http://www.Example.com/Elephants/'); break; case 'coils': window.location.replace('http://www.Example.com/Parts/')

Is masking effective for thwarting side channel attacks?

自闭症网瘾萝莉.ら submitted on 2019-12-06 02:21:48
Question: I'm working with some bigint public-key cryptography code. Is it safe to use bitwise masking to ensure that the calculation timing and memory addresses accessed are independent of the data values? Is this technique vulnerable to side-channel attacks based on instruction timing, power, RF emissions, or other things I'm unaware of? (For reference, I'm aware of techniques like RSA blinding, EC Montgomery ladder, cache flushing, and such.) Example of straightforward code (C/C++): uint a = (...),

Is masking effective for thwarting side channel attacks?

我与影子孤独终老i submitted on 2019-12-04 06:58:28
I'm working with some bigint public-key cryptography code. Is it safe to use bitwise masking to ensure that the calculation timing and memory addresses accessed are independent of the data values? Is this technique vulnerable to side-channel attacks based on instruction timing, power, RF emissions, or other things I'm unaware of? (For reference, I'm aware of techniques like RSA blinding, EC Montgomery ladder, cache flushing, and such.) Example of straightforward code (C/C++): uint a = (...), b = (...); if (a < b) a += b; Now translated to use constant-time masking: uint a = (...), b = (...);

Near constant time rotate that does not violate the standards

拜拜、爱过 submitted on 2019-11-26 20:46:41
I'm having a heck of a time trying to come up with a constant time rotate that does not violate the C/C++ standards. The problem is the edge/corner cases, where operations are called out in algorithms and those algorithms cannot be changed. For example, the following is from Crypto++ and executes the test harness under GCC ubsan (i.e., g++ -fsanitize=undefined): $ ./cryptest.exe v | grep runtime misc.h:637:22: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int' misc.h:643:22: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int' misc.h:625:22:

Near constant time rotate that does not violate the standards

孤者浪人 submitted on 2019-11-26 09:02:42
Question: I'm having a heck of a time trying to come up with a constant time rotate that does not violate the C/C++ standards. The problem is the edge/corner cases, where operations are called out in algorithms and those algorithms cannot be changed. For example, the following is from Crypto++ and executes the test harness under GCC ubsan (i.e., g++ -fsanitize=undefined): $ ./cryptest.exe v | grep runtime misc.h:637:22: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int'