Menu
▾
▴
Re: [sdcc-devel] AES optimization opportunity
|
From: Philipp K. K. <pk...@sp...> - 2025-12-19 20:53:21
|
Am 15.03.22 um 13:46 schrieb Sam Wilson: > > A timing attack would then measure the response time of a device > running the algorithm to deduct information about secrets (key or > plaintext). > > So what about an -Od command line flag (enable dangerous optimizations), > or a #pragma or something? > > Considering that SDCC is mostly used in embedded applications and > retrocomputing, so that the attack vectors are very different from the > desktop/server world. Since most code is not crypto, IMO, we can probably enable such optimizations by default, as long as we have both a commandline switch and a #pragma to easily disable them; I'll add that infrastructure in early 2026, and also hook it up to existing optimzations that might result in such side-channel attacks: https://sourceforge.net/p/sdcc/feature-requests/1007/ Philipp |
