#GoFetch: Breaking Constant-Time #Cryptographic Implementations Using Data Memory-Dependent Prefetchers

Source: https://gofetch.fail

#Apple #cpu #hardware #problem #security #encryption #OpenSSL #ssl #Memory #timing #exploit

A group of #Swiss researchers have published an impressive #securityanalysis of #Threema.

"We provide an extensive #cryptographic analysis of Threema , a Swiss-based #encrypted #messaging application with more than 10 million users and 7000 corporate customers. As one example, we present a cross-protocol attack which breaks authentication in Threema and which exploits the lack of proper key separation between different sub-protocols. [...]"
#cybersecurite #Ibexprotocol
https://securityboulevard.com/2023/01/security-analysis-of-threema/