For the next release of GMP, there will be some new public functions for
side-channel silent computations, as part of the low-level "mpn"
interface.

I think it would make sense to rewrite the RSA and DSA private key
operations to use side-channel silent functions. This might require
further interface changes; I haven't really looked into it yet, so I
don't know to which degree backwards compatibility can be kept.

I also don't yet know if it's practical to make use of the new functions
optional, or if it will make the latest GMP a strict requirement (unless
Nettle's public key support is completely disabled).

What do you think?

Relatedly, I've updated the release plan on
http://www.lysator.liu.se/~nisse/nettle/plan.html.

Regards,
/Niels

--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.