https://randombit.net/bitbashing/enContents © 2020 <a href="mailto:jack@randombit.net">Jack Lloyd</a> Wed, 04 Mar 2020 15:32:56 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rsshttps://randombit.net/bitbashing/posts/modular_inversion_using_crt.htmlJack Lloyd<div><p>Modular inversion is an important component in many cryptographic computations, notably in number-theoretic public key cryptosystems like RSA and ECDSA. In such uses, we must both perform the computation as quickly as possible and also in const-time, that is without any software-observable side channels which leak information about the inputs or output. Otherwise it is possible to attack computations such as RSA key generation or ECDSA signature generation, and recover the secret key.</p> <p>This is a bad thing.</p> <p><a href="https://randombit.net/bitbashing/posts/modular_inversion_using_crt.html">Read more…</a> (3 min remaining to read)</p></div>cryptomathhttps://randombit.net/bitbashing/posts/modular_inversion_using_crt.htmlWed, 04 Mar 2020 05:00:00 GMT