Jack Lloyd

icon indicating a website link https://randombit.net icon indicating an email [email protected]

icon location Vermont icon location Cryptography and goats

Results 109 issues of Jack Lloyd

Improve --build-targets= option

Re-evaluate Certificate_Extension::validate

The way this is defined is pretty strange imo, and somewhat easy to implement in incorrect ways

Grab the JSON at build time straight from github?

Would lead to the downloaded crate being smaller anyway.

Compress the data at build time?

It's compressed for publication but (IIRC) using gzip, we can do quite a bit better with something like zstd.

Do parsing at compile time with a proc macro

We can just generate the structs directly, no more runtime serde.

Add more value barriers to avoid compiler induced side channels

7 comment

The paper https://arxiv.org/pdf/2410.13489 claims that on specific architectures Clang and GCC may introduce jumps here. The donna128 issues only affect 32-bit processors, which explains why we would not see it...

Reduce risk of compiler value range propogation in FrodoKEM sampling

1 comment

No compiler has been found to perform optimizations that introduce a side channel here, but the construct as written was somewhat risky.

Update the roadmap [ci skip]

2 comment

Remove the BigInt based NIST reduction functions

1 comment

Going forward the assumption is that if the user cares about ECC performance then pcurves is enabled.

k256 Schnorr / BIP340 doesn't handle the y odd case

5 comment

For both signature generation and verification, `k256` doesn't seem to handle the case where the `y` coordinate of the public key is odd. I guess it is implicitly assuming that...