Hi Everyone,
There's new research on data leakage due to cpu speculation bugs. It looks like there are 3 or 4 new ones in addition to existing ones like Spectre and Meltdown.
I'm changing the README's opening paragraph to read like below. About all we can do is apply them as a best effort, and tell folks they are probably present.
Crypto++ attempts to resist side channel attacks using
various remediations. The remediations are applied as a best
effort but are probably incomplete. They are incomplete due
to cpu speculation bugs like Spectre, Meltdown, Foreshadow.
Intel generally refers to them as "Microarchitectural Data
Sampling" (MDS).
We really need cpu manufacturers help here. We can't sidestep the cpu and memory.
There's nothing special about Crypto++. Other libraries are experiencing the same pain, like Botan and OpenSSL.
Jeff