constant time
About this tag
The constant time tag on WindowsForum.com covers discussions about cryptographic code that must execute in a fixed duration regardless of secret data to prevent timing side-channel attacks. Recent threads highlight vulnerabilities such as CVE-2025-13912 and CVE-2025-12888 in wolfSSL, where compiler optimizations or specific toolchains (e.g., Clang/LLVM, Xtensa) can break constant-time guarantees, and CVE-2025-40204 in the Linux kernel's SCTP MAC comparison. These topics involve embedded systems, cryptographic libraries, and kernel hardening, with a focus on ensuring operations like X25519 and MAC checks remain constant time to protect authentication material and secret keys.
CVE-2025-13912 is a timing‑side‑channel concern in wolfSSL where compiler optimizations (notably from Clang/LLVM toolchains) can transform carefully written constant‑time C code into binaries whose runtime varies with secret data — a behavior that undermines cryptographic assumptions and was...
The Linux kernel update that closed CVE-2025-40204 was a surgical but important hardening: the SCTP code was performing a MAC (message authentication code) comparison using a timing‑dependent routine, and maintainers replaced that comparison with a constant‑time helper to remove a potential...
A subtle timing weakness in X25519 implementations that affects Xtensa-based ESP32 chips has been logged as CVE-2025-12888, and wolfSSL—one of the mainstream embedded crypto libraries—has already shipped a targeted mitigation that changes build defaults for Xtensa targets to safer, low‑memory...