1995-12-11 - Re: Timing Cryptanalysis Attack
Header Data
From: Nathaniel Borenstein <nsb@nsb.fv.com>
To: tomw@netscape.com>
Message Hash: 23eb2d08966fa13bf208889a25dfe8799534f824b58971ff2f024973df420518
Message ID: <0kn1kjCMc50e02ivZP@nsb.fv.com>
Reply To: <199512110845.JAA25564@utopia.hacktic.nl>
UTC Datetime: 1995-12-11 21:10:34 UTC
Raw Date: Tue, 12 Dec 1995 05:10:34 +0800
Raw message
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 12 Dec 1995 05:10:34 +0800
To: tomw@netscape.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <0kn1kjCMc50e02ivZP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain
Hey, don't go for constant time, that's too hard to get perfect. Add a
*random* delay. This particular crypto-flaw is pretty easy to fix.
(See, I'm not *always* arguing the downside of cryptography!)
It is worth noting, however, the extent to which "secure" cryptographic
protocols keep needing to get fixed one last time.... -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com> | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com | http://www.netresponse.com/zldf
Thread
Return to December 1995
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to “anon-remailer@utopia.hacktic.nl (Anonymous)”
- Return to “Black Unicorn <unicorn@schloss.li>”
- Return to “Eric Young <eay@mincom.oz.au>”
- Return to “fc@all.net (Dr. Frederick B. Cohen)”
- Return to “Jeff Weinstein <jsw@netscape.com>”
- Return to “Jim Gillogly <jim@acm.org>”
- Return to ““Josh M. Osborne” <stripes@va.pubnix.com>”
- Return to “Matt Blaze <mab@crypto.com>”
- Return to “Nathaniel Borenstein <nsb@nsb.fv.com>”
- Return to ““Perry E. Metzger” <perry@piermont.com>”
- Return to “Peter Monta <pmonta@qualcomm.com>”
- Return to “Simon Spero <ses@tipper.oit.unc.edu>”
Return to “Tom Weinstein <tomw@netscape.com>”
- 1995-12-11 (Mon, 11 Dec 1995 17:12:49 +0800) - Timing Cryptanalysis Attack - anon-remailer@utopia.hacktic.nl (Anonymous)
- 1995-12-11 (Mon, 11 Dec 1995 17:55:55 +0800) - Re: Timing Cryptanalysis Attack - Eric Young <eay@mincom.oz.au>
- 1995-12-11 (Tue, 12 Dec 1995 06:50:02 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-11 (Mon, 11 Dec 1995 18:27:46 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
- 1995-12-11 (Tue, 12 Dec 1995 05:04:23 +0800) - Re: Timing Cryptanalysis Attack - Eric Young <eay@mincom.oz.au>
- 1995-12-11 (Tue, 12 Dec 1995 05:31:37 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-11 (Tue, 12 Dec 1995 07:02:56 +0800) - Re: Timing Cryptanalysis Attack - Matt Blaze <mab@crypto.com>
- 1995-12-12 (Tue, 12 Dec 1995 13:05:05 +0800) - Re: Timing Cryptanalysis Attack - Peter Monta <pmonta@qualcomm.com>
- 1995-12-13 (Wed, 13 Dec 1995 22:33:48 +0800) - Re: Timing Cryptanalysis Attack - “Josh M. Osborne” <stripes@va.pubnix.com>
- 1995-12-12 (Wed, 13 Dec 1995 05:53:55 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-12 (Tue, 12 Dec 1995 13:05:05 +0800) - Re: Timing Cryptanalysis Attack - Peter Monta <pmonta@qualcomm.com>
- 1995-12-12 (Tue, 12 Dec 1995 14:01:08 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
- 1995-12-12 (Tue, 12 Dec 1995 14:55:20 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-12 (Tue, 12 Dec 1995 11:25:32 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
- 1995-12-12 (Tue, 12 Dec 1995 14:55:20 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-11 (Tue, 12 Dec 1995 07:02:56 +0800) - Re: Timing Cryptanalysis Attack - Matt Blaze <mab@crypto.com>
- 1995-12-12 (Tue, 12 Dec 1995 14:37:57 +0800) - Re: Timing Cryptanalysis Attack - Peter Monta <pmonta@qualcomm.com>
- 1995-12-11 (Tue, 12 Dec 1995 05:10:34 +0800) - Re: Timing Cryptanalysis Attack - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1995-12-12 (Wed, 13 Dec 1995 05:54:04 +0800) - Re: Timing Cryptanalysis Attack - Jim Gillogly <jim@acm.org>
- 1995-12-12 (Wed, 13 Dec 1995 01:21:21 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
- 1995-12-12 (Wed, 13 Dec 1995 02:06:25 +0800) - Re: Timing Cryptanalysis Attack - fc@all.net (Dr. Frederick B. Cohen)
- 1995-12-12 (Wed, 13 Dec 1995 04:31:34 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
- 1995-12-13 (Wed, 13 Dec 1995 17:31:54 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
- 1995-12-12 (Wed, 13 Dec 1995 01:21:21 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
- 1995-12-12 (Wed, 13 Dec 1995 05:54:04 +0800) - Re: Timing Cryptanalysis Attack - Jim Gillogly <jim@acm.org>
- 1995-12-11 (Tue, 12 Dec 1995 05:53:30 +0800) - Re: Timing Cryptanalysis Attack - Jeff Weinstein <jsw@netscape.com>
- 1995-12-12 (Tue, 12 Dec 1995 14:39:12 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
- 1995-12-12 (Tue, 12 Dec 1995 11:39:15 +0800) - Re: Timing Cryptanalysis Attack - Jeff Weinstein <jsw@netscape.com>
- 1995-12-12 (Tue, 12 Dec 95 01:45:37 PST) - Re: Timing Cryptanalysis Attack - Black Unicorn <unicorn@schloss.li>
- 1995-12-12 (Wed, 13 Dec 1995 00:56:02 +0800) - Re: Timing Cryptanalysis Attack - Simon Spero <ses@tipper.oit.unc.edu>
- 1995-12-12 (Tue, 12 Dec 1995 14:39:12 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
- 1995-12-11 (Tue, 12 Dec 1995 06:50:11 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-11 (Mon, 11 Dec 1995 17:55:55 +0800) - Re: Timing Cryptanalysis Attack - Eric Young <eay@mincom.oz.au>