From: "Mark M." <markm@omni.voicenet.com>
Date: Thu, 14 Dec 1995 10:33:36 +0800
To: cypherpunks@toad.com
Subject: Re: Attacking Clipper with timing info?
In-Reply-To: <9512132111.AA18490@bilbo.suite.com>
Message-ID: <Pine.LNX.3.91.951213184958.140A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 13 Dec 1995, Jim Miller wrote:

> 
> Could this timing attack be used to obtain the various keys used by  
> Clipper devices?
> 
> Jim_Miller@suite.com
> 
> 

The Clipper chip itself does not use digital signatures and public key
encryption.  It only implements an block cypher.  You were probably talking
about Capstone which does use PK crytpo and digital signatures.  Capstone
uses DSS as the digital signature which is explicitly pointed out in the
summary of the timing attack.  I don't think what algorithm it uses for
key exchange has been releases yet, but it probably is vulnerable.  So
Capstone is indeed vulnerable to timing attacks.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM9n1bZc+sv5siulAQFiogP/ZoGwK/gJpEyGhfQhHx8MM9pA/BPO36ZK
C/lFiOn1DhisqV+o2uYz8noRInr76fhO2drxCzACq1hCt3EAq9rXTmTDZeQOxHQS
6nT8VE5GJH54TwbTn5yeG2w7FUUDFeOYyu/aGQTIztAaUwJ3vLJSnP6ze50BTXI9
JJeziR8yBqE=
=b6p3
-----END PGP SIGNATURE-----


finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------