Author: Jean-Paul Kogelman 2014-03-05 13:18:31
Published on: 2014-03-05T13:18:31+00:00
In a discussion on the Bitcoin-development mailing list in March 2014, Mike Hearn expressed concerns about the security of OpenSSL's secp256k1 implementation. He stated that he was unaware of any efforts to make it completely side channel free and many people have implemented ECDSA themselves, meaning even if OpenSSL gets fixed, custom implementations may not. Pieter Wuille responded by saying that there is hardly any effort to prevent timing attacks in the implementation. The discussion raises questions about the safety of secp256k1 implementation and highlights the need for improved security measures in the development of cryptographic protocols.
Updated on: 2023-06-08T03:59:59.876182+00:00