1995-12-12 - Re: Timing Cryptanalysis Attack

Header Data

From: Adam Shostack <adam@lighthouse.homeport.org>
To: adam@lighthouse.homeport.org (Adam Shostack)
Message Hash: 5738d2f1336555ee5760a383e584203dd0d08f7ec9a5e4bf61827478b708e025
Message ID: <199512121759.MAA09353@homeport.org>
Reply To: <199512121525.KAA09078@homeport.org>
UTC Datetime: 1995-12-12 20:31:34 UTC
Raw Date: Wed, 13 Dec 1995 04:31:34 +0800

Raw message

From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 13 Dec 1995 04:31:34 +0800
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512121525.KAA09078@homeport.org>
Message-ID: <199512121759.MAA09353@homeport.org>
MIME-Version: 1.0
Content-Type: text



	Nope, I'm wrong, as Fred and Simon point out.  The noise makes
finding the times more difficult by some small factor, nothing more.
I'll stop writing these things in the morning. :)

I wrote:

| 	Does the delay have to be random, or does the total time for a
| transacation need to be unrelated to the bits in the secret key?
| Assume that the time added is pseudo-random (and confidential).
| Further, for any non-overlapping group of N transactions, the
| distribution of the times fits some predetermined curve, say a bell
| curve.
| 
| 	We've added a non random number, but since those numbers end
| up being a curve, it would be difficult to determine which transaction
| got which time added to it.  This resembles the 'make them all a
| constant time', but allows us to send out some in a shorter time than
| the maximum (although most transactions should probably take longer
| than the average.)

Thread

• Return to December 1995

• Return to “Adam Shostack <adam@lighthouse.homeport.org>”
• Return to “anon-remailer@utopia.hacktic.nl (Anonymous)”
• Return to “Black Unicorn <unicorn@schloss.li>”
• Return to “Eric Young <eay@mincom.oz.au>”
• Return to “fc@all.net (Dr. Frederick B. Cohen)”
• Return to “Jeff Weinstein <jsw@netscape.com>”
• Return to “Jim Gillogly <jim@acm.org>”
• Return to ““Josh M. Osborne” <stripes@va.pubnix.com>”
• Return to “Matt Blaze <mab@crypto.com>”
• Return to “Nathaniel Borenstein <nsb@nsb.fv.com>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”
• Return to “Peter Monta <pmonta@qualcomm.com>”
• Return to “Simon Spero <ses@tipper.oit.unc.edu>”

• Return to “Tom Weinstein <tomw@netscape.com>”

• 1995-12-11 (Mon, 11 Dec 1995 17:12:49 +0800) - Timing Cryptanalysis Attack - anon-remailer@utopia.hacktic.nl (Anonymous)
  • 1995-12-11 (Mon, 11 Dec 1995 17:55:55 +0800) - Re: Timing Cryptanalysis Attack - Eric Young <eay@mincom.oz.au>
    • 1995-12-11 (Tue, 12 Dec 1995 06:50:02 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
  • 1995-12-11 (Mon, 11 Dec 1995 18:27:46 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
    • 1995-12-11 (Tue, 12 Dec 1995 05:04:23 +0800) - Re: Timing Cryptanalysis Attack - Eric Young <eay@mincom.oz.au>
    • 1995-12-11 (Tue, 12 Dec 1995 05:31:37 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
      • 1995-12-11 (Tue, 12 Dec 1995 07:02:56 +0800) - Re: Timing Cryptanalysis Attack - Matt Blaze <mab@crypto.com>
        • 1995-12-12 (Tue, 12 Dec 1995 13:05:05 +0800) - Re: Timing Cryptanalysis Attack - Peter Monta <pmonta@qualcomm.com>
          • 1995-12-13 (Wed, 13 Dec 1995 22:33:48 +0800) - Re: Timing Cryptanalysis Attack - “Josh M. Osborne” <stripes@va.pubnix.com>
        • 1995-12-12 (Wed, 13 Dec 1995 05:53:55 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
      • 1995-12-12 (Tue, 12 Dec 1995 14:01:08 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
        • 1995-12-12 (Tue, 12 Dec 1995 14:55:20 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>
          • 1995-12-12 (Tue, 12 Dec 1995 11:25:32 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
    • 1995-12-12 (Tue, 12 Dec 1995 14:37:57 +0800) - Re: Timing Cryptanalysis Attack - Peter Monta <pmonta@qualcomm.com>
  • 1995-12-11 (Tue, 12 Dec 1995 05:10:34 +0800) - Re: Timing Cryptanalysis Attack - Nathaniel Borenstein <nsb@nsb.fv.com>
    • 1995-12-12 (Wed, 13 Dec 1995 05:54:04 +0800) - Re: Timing Cryptanalysis Attack - Jim Gillogly <jim@acm.org>
      • 1995-12-12 (Wed, 13 Dec 1995 01:21:21 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
        • 1995-12-12 (Wed, 13 Dec 1995 02:06:25 +0800) - Re: Timing Cryptanalysis Attack - fc@all.net (Dr. Frederick B. Cohen)
        • 1995-12-12 (Wed, 13 Dec 1995 04:31:34 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
        • 1995-12-13 (Wed, 13 Dec 1995 17:31:54 +0800) - Re: Timing Cryptanalysis Attack - Tom Weinstein <tomw@netscape.com>
  • 1995-12-11 (Tue, 12 Dec 1995 05:53:30 +0800) - Re: Timing Cryptanalysis Attack - Jeff Weinstein <jsw@netscape.com>
    • 1995-12-12 (Tue, 12 Dec 1995 14:39:12 +0800) - Re: Timing Cryptanalysis Attack - Adam Shostack <adam@lighthouse.homeport.org>
      • 1995-12-12 (Tue, 12 Dec 1995 11:39:15 +0800) - Re: Timing Cryptanalysis Attack - Jeff Weinstein <jsw@netscape.com>
      • 1995-12-12 (Tue, 12 Dec 95 01:45:37 PST) - Re: Timing Cryptanalysis Attack - Black Unicorn <unicorn@schloss.li>
    • 1995-12-12 (Wed, 13 Dec 1995 00:56:02 +0800) - Re: Timing Cryptanalysis Attack - Simon Spero <ses@tipper.oit.unc.edu>
  • 1995-12-11 (Tue, 12 Dec 1995 06:50:11 +0800) - Re: Timing Cryptanalysis Attack - “Perry E. Metzger” <perry@piermont.com>