Add topic on Side Channel leakage

author: Jeffrey Walton <noloader@gmail.com> 2018-01-08 09:13:15 -0500
committer: Jeffrey Walton <noloader@gmail.com> 2018-01-08 09:13:15 -0500
commit: 2c295b2454c6ebb6e389a58e0cfae471479afe07 (patch)
tree: e844936426307733a56cf45d079cd6179f191a23 /Readme.txt
parent: 5ae79afd89c9ad357e63a48815d66dedbf3c2821 (diff)
download: cryptopp-git-2c295b2454c6ebb6e389a58e0cfae471479afe07.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/Readme.txt b/Readme.txt
index 54e22009..5b9d1277 100644
--- a/Readme.txt
+++ b/Readme.txt
@@ -202,6 +202,14 @@ The makefile links to the static version of the Crypto++ library to avoid binary
 planting and other LD_PRELOAD tricks. You should use the static version of the
 library in your programs to help avoid unwanted redirections.
 
+*** Side Channel Attacks ***
+
+Crypto++ attempts to resist side channel attacks using various remediations. We
+believe the library is hardened but the remdiations may be incomplete. The first
+line of defense uses hardware instructions when possible. The library also uses
+cache-aware algoirthms and access patterns to minimize leakage. If you suspect
+or find an information leak then please report it.
+
 *** Documentation and Support ***
 
 Crypto++ is documented through inline comments in header files, which are
author	Jeffrey Walton <noloader@gmail.com>	2018-01-08 09:13:15 -0500
committer	Jeffrey Walton <noloader@gmail.com>	2018-01-08 09:13:15 -0500
commit	2c295b2454c6ebb6e389a58e0cfae471479afe07 (patch)
tree	e844936426307733a56cf45d079cd6179f191a23 /Readme.txt
parent	5ae79afd89c9ad357e63a48815d66dedbf3c2821 (diff)
download	cryptopp-git-2c295b2454c6ebb6e389a58e0cfae471479afe07.tar.gz