crypto: constant time AES and GCM #19413
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
go version
)?1.7.4
What operating system and processor architecture are you using (
go env
)?What did you do?
Looked at the Go docs for
crypto/aes
What did you expect to see?
That the AES implementation uses bitslicing to make it constant time.
What did you see instead?
That the AES-GCM implementation is not constatn time and is vulnerable to timing attacks.
The text was updated successfully, but these errors were encountered: