request for TLBleed information / non-constant-time vulnerabilities

Michael R. Hines mrhines at
Tue Jul 31 02:03:29 CEST 2018


Our team is trying to get an accurate understanding of whether or not 
the most recent version of libgcrypt does or does not remain vulnerable
to the timing attack document here:

In addition to that, more generally, as a cloud provider we are also 
looking for input and guidance on whether or not there are other 
locations that should be of concern within libgcrypt from the 
perspective of TLBleed.

Thank you!

  * Michael R. Hines
  * Staff Engineer, DigitalOcean.

More information about the Gcrypt-devel mailing list