It appears to be the number of trailing zero bytes in an elliptic curve secret key. That lets an attacker narrow the search space, but that is all.
Thank you, that's accurate from the science perspective.Yet more importantly, the implementation is not constant time in the accepted model we've been using since 2004. It seems BoringSSL has their own definition for that, better suiting their business model -- "alternative facts"
BBB -- Dr. Billy B. Brumley, D.Sc. (Tech.) Research Director, ESL Global Cybersecurity Institute (GCI) Kevin O'Sullivan Endowed Professor, Department of Cybersecurity (CSEC) Director, Platform Security Laboratory (PLATSEC) Rochester Institute of Technology Cybersecurity Hall 70-1770 100 Lomb Memorial Drive Rochester, NY, 14623-5608, USA S/MIME public key: https://people.rit.edu/bbbics/[email protected] S/MIME public key: https://people.rit.edu/bbbics/[email protected] https://www.rit.edu/directory/bbbics-billy-brumley https://www.rit.edu/cybersecurity/
smime.p7s
Description: S/MIME Cryptographic Signature
