1995-12-11 - Re: Timing Cryptanalysis Attack

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: cypherpunks@toad.com
Message Hash: 2fb752fa3eab4e3a9a787d05b0adb8f21fe14f6c016c9835a0828ccbb272394f
Message ID: <199512111810.NAA02186@jekyll.piermont.com>
Reply To: <199512110845.JAA25564@utopia.hacktic.nl>
UTC Datetime: 1995-12-11 22:50:11 UTC
Raw Date: Tue, 12 Dec 1995 06:50:11 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 1995 06:50:11 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <199512111810.NAA02186@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> I just read this paper, and while it is somewhat interesting, I
> don't think the walls of cryptography are in any danger of
> crumbling.
> 
> People employing systems like PGP are already advised to use them
> on private machines, with only one user, and untampered-with
> binaries.

Timings like the ones listed are trivial to take in establishing
things like SSL sessions, or Photuris sessions. The danger is to
online protocols, not to PGP.

Any reason you felt you had to say this anonymously?

Perry





Thread