openssl/crypto/ec
Sohaib ul Hassan f667820c16 Implement coordinate blinding for EC_POINT
This commit implements coordinate blinding, i.e., it randomizes the
representative of an elliptic curve point in its equivalence class, for
prime curves implemented through EC_GFp_simple_method,
EC_GFp_mont_method, and EC_GFp_nist_method.

This commit is derived from the patch
https://marc.info/?l=openssl-dev&m=131194808413635 by Billy Brumley.

Coordinate blinding is a generally useful side-channel countermeasure
and is (mostly) free. The function itself takes a few field
multiplications, but is usually only necessary at the beginning of a
scalar multiplication (as implemented in the patch). When used this way,
it makes the values that variables take (i.e., field elements in an
algorithm state) unpredictable.

For instance, this mitigates chosen EC point side-channel attacks for
settings such as ECDH and EC private key decryption, for the
aforementioned curves.

For EC_METHODs using different coordinate representations this commit
does nothing, but the corresponding coordinate blinding function can be
easily added in the future to extend these changes to such curves.

Co-authored-by: Nicola Tuveri <nic.tuv@gmail.com>
Co-authored-by: Billy Brumley <bbrumley@gmail.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6501)
2018-06-19 11:43:59 +01:00
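
Added example (not part of the OpenSSL commit or its code): a Python sketch of the blinding step in Jacobian coordinates, the representation used by the generic prime-curve code, where (X, Y, Z) and (l^2 X, l^3 Y, l Z) denote the same affine point for any nonzero l. It uses the public NIST P-256 parameters; the function names and the textbook doubling formula are assumptions chosen for illustration, and it goes one step beyond the message by showing that a doubling on the blinded representative has different intermediate values but the same affine result.

```python
import secrets

# NIST P-256 domain parameters (public constants, a = -3 mod p).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5

def blind(pt, lam=None):
    """Return another Jacobian representative (l^2 X, l^3 Y, l Z) of pt."""
    X, Y, Z = pt
    if Z == 0:                      # point at infinity: nothing to randomize
        return pt
    if lam is None:                 # uniform nonzero field element
        lam = 1 + secrets.randbelow(P - 1)
    l2 = lam * lam % P
    return (X * l2 % P, Y * l2 * lam % P, Z * lam % P)

def to_affine(pt):
    """Map (X, Y, Z) with Z != 0 to affine (X / Z^2, Y / Z^3)."""
    X, Y, Z = pt
    zinv = pow(Z, P - 2, P)         # inverse via Fermat's little theorem
    zinv2 = zinv * zinv % P
    return (X * zinv2 % P, Y * zinv2 * zinv % P)

def on_curve(pt):
    """Jacobian curve equation: Y^2 = X^3 + a X Z^4 + b Z^6."""
    X, Y, Z = pt
    z2 = Z * Z % P
    z4 = z2 * z2 % P
    return (Y * Y - (X * X * X + A * X * z4 + B * z4 * z2)) % P == 0

def double(pt):
    """Textbook Jacobian doubling (assumes Y != 0)."""
    X, Y, Z = pt
    S = 4 * X * Y * Y % P
    M = (3 * X * X + A * pow(Z, 4, P)) % P
    X3 = (M * M - 2 * S) % P
    Y3 = (M * (S - X3) - 8 * pow(Y, 4, P)) % P
    return (X3, Y3, 2 * Y * Z % P)

if __name__ == "__main__":
    G = (GX, GY, 1)
    R = blind(G)                    # fresh random representative of G
    print("same affine point:", to_affine(R) == (GX, GY))
    print("different state after doubling:", double(R) != double(G))
```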
asm ec/asm/ecp_nistz256-avx2.pl: harmonize clang version detection. 2018-06-18 19:59:11 +02:00
curve448 Remove some logically dead code 2018-05-31 10:38:51 +01:00
build.info ECC: unify generic ec2 and ecp scalar multiplication, deprecate ec2_mult.c 2018-05-09 13:30:38 +02:00
curve25519.c ec/curve25519.c: resolve regression with Android NDK's arm64 gcc. 2018-03-13 19:31:53 +01:00
ec2_oct.c
ec2_smpl.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ec_ameth.c Move SM2 algos to SM2 specific PKEY method 2018-06-19 11:29:44 +01:00
ec_asn1.c ECDSA_SIG: add simple getters for commonly used struct members 2018-05-28 19:11:23 +02:00
ec_check.c
ec_curve.c Improve compatibility of point and curve checks 2018-05-24 17:17:44 +01:00
ec_cvt.c
ec_err.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ec_key.c Update copyright year 2018-04-17 15:18:40 +02:00
ec_kmeth.c
ec_lcl.h Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ec_lib.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ec_mult.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ec_oct.c Improve compatibility of point and curve checks 2018-05-24 17:17:44 +01:00
ec_pmeth.c Move SM2 algos to SM2 specific PKEY method 2018-06-19 11:29:44 +01:00
ec_print.c Update copyright year 2018-04-17 15:18:40 +02:00
ecdh_kdf.c
ecdh_ossl.c Update copyright year 2018-04-03 13:57:12 +01:00
ecdsa_ossl.c Add blinding to an ECDSA signature 2018-06-13 16:19:22 +01:00
ecdsa_sign.c
ecdsa_vrf.c
eck_prn.c
ecp_mont.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ecp_nist.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ecp_nistp224.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ecp_nistp256.c Better error code when lacking __SIZEOF_INT128__ 2018-05-23 11:57:04 +02:00
ecp_nistp521.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ecp_nistputil.c
ecp_nistz256_table.c
ecp_nistz256.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ecp_oct.c Many spelling fixes/typo's corrected. 2017-11-11 19:03:10 -05:00
ecp_smpl.c Implement coordinate blinding for EC_POINT 2018-06-19 11:43:59 +01:00
ecx_meth.c Add support getting raw private/public keys 2018-06-08 10:04:09 +01:00