Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[crypto] Harden RSA modexp subroutine. #25694

Merged
merged 1 commit into from
Dec 19, 2024

Conversation

jadephilipoom
Copy link
Contributor

See #25300 for context; this is an updated version of that hardening change based on the coding guidelines from COCO-Alma.

Add some SCA hardening measures to the modexp subroutine that selects either the squared or squared-and-multiplied result in square-and-multiply-always modular exponentiation.

Although the rest of the code is not hardened, the hardening for RSA will likely preserve this subroutine, so hardening it is still useful.

Add some SCA hardening measures to the modexp subroutine that selects either
the squared or squared-and-multiplied result in square-and-multiply-always
modular exponentiation.

Although the rest of the code is not hardened, the hardening for RSA will
likely preserve this subroutine, so hardening it is still useful.

Signed-off-by: Jade Philipoom <[email protected]>
@jadephilipoom jadephilipoom added the CherryPick:earlgrey_1.0.0 This PR should be cherry-picked to earlgrey_1.0.0 label Dec 18, 2024
@jadephilipoom
Copy link
Contributor Author

jadephilipoom commented Dec 18, 2024

Performance impact is minimal: RSA-2048 modexp goes from 18889021 cycles (according to the last benchmarks) to 18970942 cycles, a 0.4% increase.

Copy link
Contributor

@johannheyszl johannheyszl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks this is a great example for effective collab :)

Copy link
Member

@nasahlpa nasahlpa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, LGTM!

This is the code snippet that was used for the SCA analysis @johannheyszl?

@johannheyszl
Copy link
Contributor

@nasahlpa this is correct

@jadephilipoom jadephilipoom merged commit 6d729cc into lowRISC:master Dec 19, 2024
40 checks passed
@jadephilipoom jadephilipoom deleted the sqr-or-sqrmul-debug branch December 19, 2024 15:10
Copy link

Successfully created backport PR for earlgrey_1.0.0:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CherryPick:earlgrey_1.0.0 This PR should be cherry-picked to earlgrey_1.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants