One whole technique not mentioned in the paper or comments is bitslicing. For no... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		i2km 9 months ago \| parent \| context \| favorite \| on: Constant-Time Code: The Pessimist Case [pdf] One whole technique not mentioned in the paper or comments is bitslicing. For non-branching code (e.g. symmetric ciphers) it's guaranteed constant-time and it would be a remarkable compiler indeed which could introduce optimizations and timing variations to bit-sliced code...

gavinhoward 9 months ago [–]

The author of the paper knows about bitslicing [1], so not mentioning it seems deliberate.

My guess is that bitslicing only gets you so far.

[1]: https://bearssl.org/constanttime.html#bitslicing

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact