
Make use of Data-Independent Timing (DIT) on Arm

Open tgross35 opened this issue 1 year ago • 3 comments

aarch64 supports data-independent timing https://developer.arm.com/documentation/ddi0595/2020-12/AArch64-Registers/DIT--Data-Independent-Timing, which is also available on Apple silicon https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations. Would it be advantageous to make use of the feature in this crate?

tgross35 avatar Aug 23 '24 21:08 tgross35

FWIW I wrote a very barebones wrapper for it here: https://github.com/RustCrypto/utils/pull/1102

tarcieri avatar Aug 25 '24 18:08 tarcieri

It looks like Intel has something similar, but I have no idea how well supported that is https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html

tgross35 avatar Aug 25 '24 19:08 tgross35

The aarch64-dit crate is now available: https://docs.rs/aarch64-dit

Though subtle could make use of it (and it supports nested usages), the real benefit would probably be in the outer code that leverages subtle using it.

tarcieri avatar Sep 18 '24 00:09 tarcieri
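The pattern described in the thread, as an added example that is not code from the issue, from subtle, or from the aarch64-dit crate: a small RAII guard that enables PSTATE.DIT around a constant-time comparison and restores the previous state on drop, so nested guards behave correctly (the inner guard leaves DIT on for the outer one). The register access via `S3_3_C4_C2_5` (the generic system-register encoding of DIT, bit 24) is only compiled on aarch64 and assumes a CPU with FEAT_DIT (ARMv8.4 or Apple silicon); on any other architecture the guard drives a simulated process-wide flag, which is an assumption made here purely so the nesting logic can be exercised anywhere. The `ct_eq` function and `verify_tag` wrapper are illustrative names, not part of any crate.

```rust
// Added example: a nesting-safe DIT guard around a constant-time compare.
// Not code from the subtle or aarch64-dit crates.

/// Read PSTATE.DIT on AArch64 (requires FEAT_DIT; traps on older cores).
#[cfg(target_arch = "aarch64")]
fn read_dit() -> bool {
    let v: u64;
    // SAFETY: reading PSTATE.DIT has no side effects.
    unsafe { core::arch::asm!("mrs {}, S3_3_C4_C2_5", out(reg) v, options(nomem, nostack)) };
    (v >> 24) & 1 == 1
}

/// Write PSTATE.DIT on AArch64; DIT lives in bit 24 of the register.
#[cfg(target_arch = "aarch64")]
fn write_dit(enable: bool) {
    let v: u64 = (enable as u64) << 24;
    // SAFETY: DIT only changes timing guarantees, never program semantics.
    unsafe { core::arch::asm!("msr S3_3_C4_C2_5, {}", in(reg) v, options(nomem, nostack)) };
}

/// Simulated DIT flag for non-AArch64 hosts (assumption for illustration only:
/// it lets the guard's nesting logic run and be tested on any machine).
#[cfg(not(target_arch = "aarch64"))]
static SIMULATED_DIT: core::sync::atomic::AtomicBool = core::sync::atomic::AtomicBool::new(false);

#[cfg(not(target_arch = "aarch64"))]
fn read_dit() -> bool {
    SIMULATED_DIT.load(core::sync::atomic::Ordering::SeqCst)
}

#[cfg(not(target_arch = "aarch64"))]
fn write_dit(enable: bool) {
    SIMULATED_DIT.store(enable, core::sync::atomic::Ordering::SeqCst);
}

/// Enables DIT for the guard's lifetime and restores the prior state on drop.
/// Because it remembers whether DIT was already on, guards can be nested:
/// dropping an inner guard does not switch DIT off under an outer one.
pub struct DitGuard {
    was_enabled: bool,
}

impl DitGuard {
    pub fn enable() -> Self {
        let was_enabled = read_dit();
        if !was_enabled {
            write_dit(true);
        }
        DitGuard { was_enabled }
    }
}

impl Drop for DitGuard {
    fn drop(&mut self) {
        if !self.was_enabled {
            write_dit(false);
        }
    }
}

/// Constant-time byte-slice equality: OR-accumulate the XOR of every byte pair,
/// then fold the accumulator to a bool without a data-dependent branch.
/// Lengths are treated as public, as most constant-time libraries do.
pub fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    let mut acc: u8 = 0;
    for (x, y) in a.iter().zip(b) {
        acc |= x ^ y;
    }
    // black_box discourages the optimizer from turning the fold into a branch.
    let acc = core::hint::black_box(acc) as u32;
    (acc.wrapping_sub(1) >> 8) & 1 == 1 // 1 iff acc == 0
}

/// The "outer code" from the thread: the caller enables DIT around the whole
/// secret-dependent region, not just inside the primitive it calls.
pub fn verify_tag(expected: &[u8], received: &[u8]) -> bool {
    let _dit = DitGuard::enable();
    ct_eq(expected, received)
}

/// Returns the DIT state (before, inside outer, after inner dropped, after outer dropped).
pub fn nesting_demo() -> (bool, bool, bool, bool) {
    let before = read_dit();
    let outer = DitGuard::enable();
    let in_outer = read_dit();
    {
        let _inner = DitGuard::enable();
    }
    let after_inner = read_dit(); // still enabled: the outer guard owns the state
    drop(outer);
    (before, in_outer, after_inner, read_dit())
}

fn main() {
    // Constructed sample tags; 32 bytes as a MAC would be.
    let tag = [0x5au8; 32];
    let mut bad = tag;
    bad[31] ^= 1;
    println!("match: {}", verify_tag(&tag, &tag));
    println!("mismatch: {}", verify_tag(&tag, &bad));
    println!("nesting: {:?}", nesting_demo());
}
```

Note that DIT only constrains the instructions Arm documents as data-independent (the integer and SIMD subset listed in the DIT register description); it does not make loads with secret-dependent addresses or secret-dependent branches safe, so the code under the guard still has to be written in constant-time style as `ct_eq` is.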