Side-channels mitigations.

Fields

none,

No additional side-channel mitigations are applied. This is the fastest mode.

basic,

The basic mode protects against most practical attacks, provided that the application or implements proper defenses against brute-force attacks. It offers a good balance between performance and security.

medium,

The medium mode offers increased resilience against side-channel attacks, making most attacks unpractical even on shared/low latency environements. This is the default mode.

full,

The full mode offers the highest level of protection against side-channel attacks. Note that this doesn’t cover all possible attacks (especially power analysis or thread-local attacks such as cachebleed), and that the performance impact is significant.