--- Day changed Wed Oct 25 2017 01:06 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 246 seconds] 01:20 -!- cfields [~quassel@unaffiliated/cfields] has quit [Ping timeout: 246 seconds] 01:21 -!- cfields [~quassel@unaffiliated/cfields] has joined #secp256k1 01:36 -!- cfields [~quassel@unaffiliated/cfields] has quit [Read error: Connection reset by peer] 01:37 -!- cfields [~quassel@unaffiliated/cfields] has joined #secp256k1 05:16 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has joined #secp256k1 07:40 < gmaxwell> oh jesus, apparently in the micro in trezor the freeking multiply instruction isn't constant time, 07:35:01 < spudowiar> Jochen Hoenicke told me that it was non constant time lol and linked me this https://pure.tue.nl/ws/files/47038543/800603-1.pdf 07:40 < gmaxwell> I think I'd mentioned in here before that there were really old arm chips like that, well apparently really old includes cortex M3. 10:09 < TD-Linux> gmaxwell, whoops. on my testing I used a cortex-m4. 10:11 < gmaxwell> TD-Linux: well thats fine. we should probably just document that if you're using M3 you're on your own. There are techniques to extract a constant time mul out of them, but at the expense of a huge slowdown. 10:12 < TD-Linux> indeed. the m3 based chips are generally also older and have fallen out of favor compared to m4 so it's not a huge loss 10:12 < TD-Linux> but I'm still surprised at that and wouldn't have thought to measure a m3. 10:13 < TD-Linux> on paper the m4 is just a m3 with dsp instructions 10:14 < gmaxwell> e.g. looks like using their 32 bit multipliers at <=16 bit makes them take constant time, so long as you number multiply with zero. 10:44 -!- xinxi [~xinxi@39.109.214.22] has quit [Remote host closed the connection] 10:44 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1 11:40 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has quit [Remote host closed the connection] 12:03 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has quit [Remote host closed the connection] 13:46 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has joined #secp256k1 19:26 -!- xinxi [~xinxi@39.109.214.22] has quit [Remote host closed the connection] 19:26 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1 19:54 -!- xinxi [~xinxi@39.109.214.22] has quit [Remote host closed the connection] 19:55 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1 20:00 -!- xinxi [~xinxi@39.109.214.22] has quit [Ping timeout: 246 seconds] 20:27 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1 20:54 -!- xinxi [~xinxi@39.109.214.22] has quit [Ping timeout: 260 seconds] 21:21 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1 21:27 -!- xinxi [~xinxi@39.109.214.22] has quit [Ping timeout: 260 seconds] 21:41 -!- sipa [~pw@unaffiliated/sipa1024] has quit [Ping timeout: 246 seconds] 21:41 -!- sipa [~pw@2001:19f0:ac01:2fb:5400:ff:fe5b:c3ff] has joined #secp256k1 22:02 -!- jtimon [~quassel@164.31.134.37.dynamic.jazztel.es] has quit [Ping timeout: 240 seconds] 22:24 -!- xinxi [~xinxi@39.109.214.22] has joined #secp256k1 22:52 -!- jonasschnelli [~jonasschn@bitcoinsrv.jonasschnelli.ch] has quit [Changing host] 22:52 -!- jonasschnelli [~jonasschn@unaffiliated/jonasschnelli] has joined #secp256k1 23:22 -!- xinxi [~xinxi@39.109.214.22] has quit [Ping timeout: 248 seconds]