--- Day changed Mon Aug 10 2015
02:45 -!- btcdrak [uid52049@gateway/web/irccloud.com/x-wzrcmngttnbhjueo] has joined #secp256k1
15:25 <@andytoshi> unsure if this is relevant to us https://eprint.iacr.org/2015/799
15:46 < gmaxwell> yea, thats why I asked TD-Linux to get true power traces and suggested measuring correlation power; even though other than smart cards attacks where power analysis are interesting is rare... and correlation doesn't mean the attacker can decode the differences... it's conservatie.
15:48 < gmaxwell> looks like they are telling which table entries you read based on the hamming weight of the entries.
15:49 < gmaxwell> I'd contemplated grinding Z and/or the NUMs value to result in a table where the entries met varrious criteria (e.g. equal hamming weight for each words) .. but to go beyond a fairly small table (e.g. 2 or 4 entries) requires unreasonable amounts of computation. :(
15:52 < TD-Linux> well power is also where most of the emi attacks come from
15:54 < gmaxwell> might be possible to have the FROM_STORAGE macro apply some kind of very cheap whitening transform that happens to make the whole table uniform hamming weight. (assuming that the weight dependance comes from differing dram power consumption)
21:38 -!- btcdrak [uid52049@gateway/web/irccloud.com/x-wzrcmngttnbhjueo] has quit [Quit: Connection closed for inactivity]