Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mulPointScalar vulnerable to timing attacks #324

Open
ChinoCribioli opened this issue Sep 11, 2024 · 0 comments · May be fixed by #325
Open

mulPointScalar vulnerable to timing attacks #324

ChinoCribioli opened this issue Sep 11, 2024 · 0 comments · May be fixed by #325
Assignees
@ChinoCribioli
Labels
bug 🐛 Something isn't working

Comments

@ChinoCribioli
Copy link
Contributor

The mulPointScalar method is implemented with the regular 'square and multiply' algorithm, which is prone to timing attacks due to the fact that the number of EC point additions depends on the number of 1's in the binary expression of the scalar. To fix this it is necessary to implement an algorithm to multiply a point by an integer in constant time.
@ChinoCribioli ChinoCribioli added the bug 🐛 Something isn't working label Sep 11, 2024
@ChinoCribioli ChinoCribioli linked a pull request Sep 11, 2024 that will close this issue
Open
7 tasks
ChinoCribioli added a commit to ChinoCribioli/zk-kit that referenced this issue Sep 11, 2024
@ChinoCribioli
docs(baby-jubjub): fixed documentation
8127d10 
re privacy-scaling-explorations#324
ChinoCribioli added a commit to ChinoCribioli/zk-kit that referenced this issue Sep 12, 2024
@ChinoCribioli
docs(baby-jubjub): added resource of Montgomery Ladder
3c122c5 
re privacy-scaling-explorations#324
ChinoCribioli added a commit to ChinoCribioli/zk-kit that referenced this issue Sep 12, 2024
@ChinoCribioli
fix(baby-jubjub): replaced undetermined while with hardcoded for loop
56fcd9f 
re privacy-scaling-explorations#324
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ChinoCribioli ChinoCribioli

Labels
bug 🐛 Something isn't working
Projects
ZK-Kit
Status: 👀 In Review
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Constant-time EC point multiplication (Montgomery ladder) implementation ChinoCribioli/zk-kit
1 participant
@ChinoCribioli