-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ktp.next() for keys #116
Comments
Signed-off-by: Michael Tempelmeier <[email protected]>
Signed-off-by: Michael Tempelmeier <[email protected]>
Signed-off-by: Michael Tempelmeier <[email protected]>
backlog: With Possible solutions:
|
Signed-off-by: Michael Tempelmeier <[email protected]>
Signed-off-by: Michael Tempelmeier <[email protected]>
Signed-off-by: Michael Tempelmeier <[email protected]>
Signed-off-by: Michael Tempelmeier <[email protected]>
Signed-off-by: Michael Tempelmeier <[email protected]>
see lowRISC#116 for more details Signed-off-by: Michael Tempelmeier <[email protected]>
For more details see lowRISC/ot-sca#116 Signed-off-by: Michael Tempelmeier <[email protected]>
For otbn we are using the second solution. See lowRISC/opentitan#17416 and #128 It's running smoothly, while the dummy iteration on the device creates a significant overhead. |
The behaviour/use of the host-side PRNG is hard to understand for reasons described here. Latest host-side batch capture implementation: #197 PRNG likely replaced in future, hence deprioritizing this issue. |
As discussed in #115 and https://docs.google.com/document/d/1sZjASiUji_IT-t9jEFlK-kGc_Gw3mGfubNvpkM_IQT4/edit#heading=h.qd65x0y76b0e we should check the usage of
key, text = ktp.next()
incw/capture.py
Default behavior is that
ktp.next()
returnsconst_key, random_plaintext
. This default behavior can be changed withctx.obj.ktp.fixed_key = False
.Afaik, we call
ktp.next()[0]
only once per function and use only the first call of the iterator to assign a constant key. For random keys we usektp.next()[1]
. Thus, I think we ware fine and can change the default behavior, but we should double check that and read the spec if the first call of the iterator still outputs a deterministic value. On the other hand, if we really rely on a constant non random value, we should use a constant and not a constant iterator.The text was updated successfully, but these errors were encountered: