Trac issues
https://gitlab.torproject.org/legacy/trac/-/issues/11050
pycrypto's AES implementation is not constant time
2020-06-13T02:57:18Z
Yawning Angel

This is a non-issue when AES-NI is supported by the host CPU since a separate code path is taken.
https://github.com/dlitz/pycrypto/blob/master/src/AES.c
It's not too bad in the pluggable transport case since traffic is super-enciphered, the session keys are ephemeral, and actually extracting sufficiently accurate timing information is probably non-trivial, but it probably should be addressed somehow.