A recent paper used wolfSSL as a test bed for proving out their attack on Ed25519 signatures. You can read the paper here: https://eprint.iacr.org/2017/985.pdf . This was not an attack on wolfSSL itself or its implementation, but rather a differential power attack that involves SHA-512 and Ed25519. The recommended countermeasure is to change Ed25519 and remove its deterministic signature properties. If you are interested in this countermeasure please let us know as we can make this available as a build option.
Questions? Contact Us- Support Forums
