Side-channels mitigations.
Fields
none,
No additional side-channel mitigations are applied. This is the fastest mode.
basic,
The basic
mode protects against most practical attacks, provided that the application or implements proper defenses against brute-force attacks. It offers a good balance between performance and security.
medium,
The medium
mode offers increased resilience against side-channel attacks, making most attacks unpractical even on shared/low latency environements. This is the default mode.
full,
The full
mode offers the highest level of protection against side-channel attacks. Note that this doesn’t cover all possible attacks (especially power analysis or thread-local attacks such as cachebleed), and that the performance impact is significant.