Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mulPointScalar vulnerable to timing attacks #324

Open
ChinoCribioli opened this issue Sep 11, 2024 · 0 comments · May be fixed by #325
Open

mulPointScalar vulnerable to timing attacks #324

ChinoCribioli opened this issue Sep 11, 2024 · 0 comments · May be fixed by #325
Assignees
Labels
bug 🐛 Something isn't working

Comments

@ChinoCribioli
Copy link
Contributor

The mulPointScalar method is implemented with the regular 'square and multiply' algorithm, which is prone to timing attacks due to the fact that the number of EC point additions depends on the number of 1's in the binary expression of the scalar. To fix this it is necessary to implement an algorithm to multiply a point by an integer in constant time.

@ChinoCribioli ChinoCribioli added the bug 🐛 Something isn't working label Sep 11, 2024
@github-project-automation github-project-automation bot moved this to 📋 Backlog in ZK-Kit Sep 11, 2024
ChinoCribioli added a commit to ChinoCribioli/zk-kit that referenced this issue Sep 11, 2024
@cedoor cedoor moved this from 📋 Backlog to 👀 In Review in ZK-Kit Sep 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug 🐛 Something isn't working
Projects
Status: 👀 In Review
Development

Successfully merging a pull request may close this issue.

1 participant