TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 24792d0a33b6283b8c84043d029698a3acb7251e^! / .
commit24792d0a33b6283b8c84043d029698a3acb7251e[log] [tgz]
authorJanos Follath <janos.follath@arm.com>Fri Mar 03 14:16:12 2023 +0000
committerGitHub <noreply@github.com>Fri Mar 03 14:16:12 2023 +0000
tree6c8841b7c52f43f2213bc644d2e301da485aaf6b
parent18d417340f2ed2818b4b673b1040933ca8d97737 [diff]
Threat Model: Improve wording

Signed-off-by: Janos Follath <janos.follath@arm.com>

Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/SECURITY.md b/SECURITY.md
index ae37dab..50c8ffd 100644
--- a/SECURITY.md
+++ b/SECURITY.md

@@ -26,8 +26,8 @@
 - **Remote Attacks:** The attacker can observe and modify data sent over the
   network. This includes observing timing of individual packets and potentially
   delaying legitimate messages.
-- **Timing Attacks:** The attacker can gain information about the time certain
-  sets of instructions in Mbed TLS operations take.
+- **Timing Attacks:** The attacker can gain information about the time taken
+  by certain sets of instructions in Mbed TLS operations.
 - **Physical Attacks:** The attacker has access to physical information about
   the hardware Mbed TLS is running on and/or can alter the physical state of
   the hardware.
@@ -47,14 +47,14 @@
 cost of protecting against timing attacks widely varies depending on the
 granularity of the measurements and the noise present. Therefore the protection
 in Mbed TLS and Mbed Crypto is limited. We are only aiming to provide protection
-against publicly documented attacks.
+against publicly documented attacks, and this protection is not currently complete.
 
-**Warning!** Block ciphers constitute an exception from this protection. For
+**Warning!** Block ciphers do not yet achieve full protection. For
 details and workarounds see the section below.
 
 #### Block Ciphers
 
-Currently there are 4 block ciphers in Mbed TLS: AES, CAMELLIA, ARIA and DES.
+Currently there are four block ciphers in Mbed TLS: AES, CAMELLIA, ARIA and DES.
 The Mbed TLS implementation uses lookup tables, which are vulnerable to timing
 attacks.
 
@@ -63,7 +63,7 @@
 - Turn on hardware acceleration for AES. This is supported only on selected
   architectures and currently only available for AES. See configuration options
   `MBEDTLS_AESCE_C`, `MBEDTLS_AESNI_C` and `MBEDTLS_PADLOCK_C` for details.
-- Add a secure alternative implementation (typically bitslice implementation or
+- Add a secure alternative implementation (typically a bitsliced implementation or
   hardware acceleration) for the vulnerable cipher. See the [Alternative
 Implementations Guide](docs/architecture/alternative-implementations.md) for
   more information.