2017-07-08 16:51:21 UTC
proposal: math/big: support for constant-time arithmetic
The brief summary is that Go has big-integer ("big.Int") support in the standard library, which is used by the public-key crypto APIs in the standard library (e.g., crypto/rsa, crypto/dsa, crypto/ecdsa) - unsafely, because big.Int currently doesn't even make any attempt to support constant-time operation. My proposal, which launched the above thread, tries to identify and begin to prototype a reasonable, backward-compatible but general way of enhancing Go's big.Int type to support constant-time operation as needed by crypto arithmetic.
Most of the current discussion participants are Go language and/or compiler people; the discussion might benefit from the perspectives of a hard-core cryptographer or two. Especially if any of you know of "examples of interesting or important projects" using Go that would benefit from constant-time big-number arithmetic, it would be great if you could chime in.
Of course the thread's primary focus is Go, but the discussion touches on many issues that are broadly relevant (and difficult) across languages, such as methods of testing whether the compiler-generated code "really" is constant-time with respect to sensitive inputs.
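
An added illustration of the problem the post describes, not code from the post or from the proposal: big.Int stores a value-dependent number of words, whereas a fixed-width representation always touches every limb and selects results with a mask. The names `limbs`, `wordsUsed`, `addMod` and `toBig` are hypothetical, the modulus is constructed, and the constant-time property shown holds only at the source level (whether the compiled code preserves it is the testing question raised above).

```go
package main

import (
	"fmt"
	"math/big"
	"math/bits"
)

// limbs is a hypothetical fixed-width 256-bit integer, little-endian words.
type limbs [4]uint64

// wordsUsed reports how many machine words big.Int stores for x. Leading
// zero words are stripped, so the count depends on the value of x.
func wordsUsed(x *big.Int) int { return len(x.Bits()) }

// addMod returns (a+b) mod m for a, b < m. Every limb is always processed and
// the final reduction is chosen with a mask instead of a branch.
func addMod(a, b, m limbs) (out limbs) {
	var s, d limbs
	var carry, borrow uint64
	for i := range a {
		s[i], carry = bits.Add64(a[i], b[i], carry)
	}
	for i := range s {
		d[i], borrow = bits.Sub64(s[i], m[i], borrow)
	}
	// Take d when the sum overflowed 256 bits or s >= m (no borrow).
	mask := -(carry | (borrow ^ 1))
	for i := range out {
		out[i] = s[i] ^ (mask & (s[i] ^ d[i]))
	}
	return out
}

// toBig converts limbs to a big.Int so results can be cross-checked.
func toBig(x limbs) *big.Int {
	r := new(big.Int)
	for i := len(x) - 1; i >= 0; i-- {
		r.Lsh(r, 64).Or(r, new(big.Int).SetUint64(x[i]))
	}
	return r
}

func main() {
	fmt.Println(wordsUsed(big.NewInt(1)), wordsUsed(new(big.Int).Lsh(big.NewInt(1), 255)))
	m := limbs{^uint64(0) - 188, ^uint64(0), ^uint64(0), ^uint64(0)} // constructed: 2^256 - 189
	b := limbs{^uint64(0) - 190, ^uint64(0), ^uint64(0), ^uint64(0)} // m - 2
	fmt.Println(toBig(addMod(limbs{5}, b, m)))
}
```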