Conditionally select usize

Open nickray opened this issue 3 years ago • 1 comments

Background is an RSA implementation I'm writing, where I'm using type Digit = usize.

I presume lack of implementation for usize/isize was an oversight, not intentional?

nickray, Apr 16 '21 16:04

The lack of implementation for usize was because usize is most commonly used to index arrays, and providing ConditionallySelectable for usize could lead someone to think that doing

let index = usize::conditional_select(&a, &b, choice);
let val = array[index];

was doing a constant-time selection out of the array, when in fact using secret array indices can leak information into caches.

For a constant-time RSA implementation (I'm assuming Digit is used for a big-integer representation), it seems better to use Digit = u64, so that you know the size of your digits.

hdevalence, Apr 19 '21 22:04
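The distinction drawn in the reply above, as an added Rust example that is not part of the issue thread and not the subtle crate's code: a branch-free select of an index still yields a secret-dependent load address, while a lookup that scans every entry has an access pattern independent of the secret. The helpers `ct_eq_mask`, `ct_select`, `ct_lookup` and `leaky_lookup` are hypothetical names written for this illustration, digits are fixed at `u64` as the reply recommends, and the compiler is assumed not to turn the mask arithmetic back into branches.

```rust
// Added illustration; hand-written masks, not the subtle crate's implementation.

/// All-ones if a == b, all-zeros otherwise, without branching on the inputs.
fn ct_eq_mask(a: u64, b: u64) -> u64 {
    let x = a ^ b;
    // (x | -x) has its top bit set exactly when x != 0.
    let differs = (x | x.wrapping_neg()) >> 63; // 1 if a != b, 0 if equal
    differs.wrapping_sub(1) // 0 -> 0xFFFF_FFFF_FFFF_FFFF, 1 -> 0
}

/// Returns `a` when mask is all-zeros and `b` when mask is all-ones.
fn ct_select(a: u64, b: u64, mask: u64) -> u64 {
    a ^ (mask & (a ^ b))
}

/// The pattern from the issue: the index is selected without a branch,
/// but the memory address that is then loaded depends on the secret.
fn leaky_lookup(table: &[u64], a: usize, b: usize, choice_mask: u64) -> u64 {
    let index = ct_select(a as u64, b as u64, choice_mask) as usize;
    table[index] // secret-dependent address: observable through the cache
}

/// Reads table[secret_index] by touching every entry in order, so the
/// sequence of addresses is the same for every secret_index.
/// An out-of-range index matches no entry and yields 0.
fn ct_lookup(table: &[u64], secret_index: usize) -> u64 {
    let mut out = 0u64;
    for (i, &entry) in table.iter().enumerate() {
        let hit = ct_eq_mask(i as u64, secret_index as u64);
        out = ct_select(out, entry, hit);
    }
    out
}

fn main() {
    // Constructed sample table.
    let table: [u64; 8] = [11, 22, 33, 44, 55, 66, 77, 88];
    let (a, b) = (2usize, 5usize);
    let choice_mask = u64::MAX; // selects b

    let leaky = leaky_lookup(&table, a, b, choice_mask);
    let index = ct_select(a as u64, b as u64, choice_mask) as usize;
    let scanned = ct_lookup(&table, index);
    println!("leaky = {leaky}, scanned = {scanned}");
}
```

Both functions return the same value; they differ only in which addresses are read, and the full scan costs O(n) loads per lookup.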