Skip to content

crypto/ecdsa: use variable time ScalarBaseMult/ScalarMult in Verify #71297

Open
Open
crypto/ecdsa: use variable time ScalarBaseMult/ScalarMult in Verify#71297
Labels
ImplementationIssues describing a semantics-preserving change to the Go implementation.NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.Performance
Milestone
Go1.27
@rolandshoemaker

Description

@rolandshoemaker
rolandshoemaker
opened on Jan 16, 2025

We're leaving some perf on the table by doing these operations in constant time. We should use a variable time scalar mult, similar to what we do for crypto/ed25519:

go/src/crypto/internal/fips140/ed25519/ed25519.go

Line 335 in 1a93e4a

R := (&edwards25519.Point{}).VarTimeDoubleScalarBaseMult(k, minusA, S)

cc @FiloSottile

Metadata

Metadata

Assignees

No one assigned

    Labels

    ImplementationIssues describing a semantics-preserving change to the Go implementation.NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.Performance

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions