1995-12-12 - Re: Timing Cryptanalysis Attack

Header Data

From: Tom Weinstein <tomw@netscape.com>
To: cypherpunks@toad.com
Message Hash: d60564baadc92465a0af151c23dbffbd6a5af9201979ee4782f6372990837533
Message ID: <30CC9B8C.6201@netscape.com>
Reply To: <199512111815.NAA02202@jekyll.piermont.com>
UTC Datetime: 1995-12-12 06:01:08 UTC
Raw Date: Tue, 12 Dec 1995 14:01:08 +0800

Raw message

From: Tom Weinstein <tomw@netscape.com>
Date: Tue, 12 Dec 1995 14:01:08 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512111815.NAA02202@jekyll.piermont.com>
Message-ID: <30CC9B8C.6201@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> The trivial way to handle this is simply to check user time with the
> right system calls and make sure it always comes out the same with an
> appropriate number of sleeps.

The problem with that approach is that if the system is heavily loaded,
it can take an arbitrarily large amount of user time.  Somewhat better
is to sleep for a random amount of time after you're done.  That will
smear out the time distribution making it harder to get a statistically
meaningful number of samples.  It also increases your latency, but
doesn't hurt throughput on a busy system.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@netscape.com
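
A constructed simulation of the random-sleep idea in the message above (an added example, not part of the original post): it estimates how many timing samples are needed to resolve a fixed timing difference once a uniform random delay is appended, and what that delay costs in latency. The timing values, the noise model and all function names are assumptions chosen for illustration.

```python
import math
import random
import statistics

def samples_needed(delta_us, noise_sd_us, jitter_us, z=3.0):
    """Samples per input class before a timing gap of delta_us stands z
    standard errors clear of the noise (two-sample comparison of means)."""
    # Uniform(0, J) sleep has variance J^2 / 12; it adds to the intrinsic noise.
    var = noise_sd_us ** 2 + jitter_us ** 2 / 12
    return math.ceil(2 * z * z * var / delta_us ** 2)

def observe(work_us, noise_sd_us, jitter_us, n, rng):
    """n observed latencies: work + measurement noise + random post-sleep."""
    return [work_us + rng.gauss(0, noise_sd_us) + rng.uniform(0, jitter_us)
            for _ in range(n)]

def mean_gap(delta_us, noise_sd_us, jitter_us, n, seed=1995):
    """Difference of mean latency between two input classes whose true
    work time differs by delta_us, as measured through the jitter."""
    rng = random.Random(seed)
    fast = observe(1000.0, noise_sd_us, jitter_us, n, rng)
    slow = observe(1000.0 + delta_us, noise_sd_us, jitter_us, n, rng)
    return statistics.fmean(slow) - statistics.fmean(fast)

if __name__ == "__main__":
    delta, noise = 5.0, 2.0  # constructed values, microseconds
    for jitter in (0, 50, 200, 1000):
        n = samples_needed(delta, noise, jitter)
        print(f"jitter {jitter:>5} us: ~{n} samples per class, "
              f"mean added latency {jitter / 2:.0f} us")
    print("gap seen through 200 us jitter, 100000 samples:",
          round(mean_gap(delta, noise, 200, 100_000), 2))
```

The required sample count grows with the square of the jitter-to-signal ratio, so the sleep raises the cost of measurement rather than removing the timing difference.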




