Sidechannel resistence of uECC_sign disabled

Question

Sidechannel resistence of uECC_sign disabled

winnietwo opened this issue 5 years ago · 1 comments

The function uECC_sign_with_k() applies side-channel resistance to k by multiplying k with a random number "tmp". This is only applied if g_rng_function is set. unfortunately, g_rng_function is never set. The reason is:

g_rng_function in ecc_dsa.c is a different variable than g_rng_function in ecc.c.
When compiling ecc_dsa.c, <tinycrypt/ecc_platform_specific.h> is not included, the copy of g_rng_function points to NULL
if g_rng_function is NULL, the side channel resistance is disabled

Answer 1 · 2019-09-17T21:27:53.000Z

The issue has been fixed for both EC-DSA and EC-DH implementations. Thank you @winnietwo for your contribution to TinyCrypt!