From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 668965980d69329a7fb080b4ddb031d0896461daba827f64ed231aa5afc08fe1
Message ID: <199512190712.CAA21135@thor.cs.umass.edu>
Reply To: <9512190402.AA12992@bilbo.suite.com>
UTC Datetime: 1995-12-19 08:43:51 UTC
Raw Date: Tue, 19 Dec 1995 16:43:51 +0800
From: futplex@pseudonym.com (Futplex)
Date: Tue, 19 Dec 1995 16:43:51 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Java and timing info - second attempt
In-Reply-To: <9512190402.AA12992@bilbo.suite.com>
Message-ID: <199512190712.CAA21135@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain
Jim Miller writes:
> Combine this with some a standard crypto API for doing Web-based digital
> signatures or authentication or encryption and you may begin to see some
> possibilities.
>
> Would it be possible to create a Java applet that causes the client
> machine to sign or encrypt something with their private key, and then send
> back timing info?
>
> For the answer to be YES a few things need to be true. There needs to be
> some sort of standard crypto API in use that can be accessed by a Java
> script, and Java scripts need to be able to capture and send back timing
> info. Does anyone on this list know enough about Java to know if it can
> do any of these things?
[I've read a bit more about Java since you last asked the question,
coincidentally, but I don't know a huge amount about it yet.]
I think this scenario is certainly possible, from a technical point of view.
Crypto APIs in general should force the user to be aware of how she is using
her key material. Ultimately you can't save people from themselves. (One
of my favorite non sequiturs. ;) User education helps. But just as users
are tricked by various social engineering methods into divulging their account
passphrases, so they can be duped into encrypting or signing for a stranger's
timing pleasure.
However, one would certainly hope that the crypto Java interfaces that get
written are designed to mask timing information in the wake of Kocher. In
fact, this is precisely the sort of thing "we" should consider promulgating....
-Futplex <futplex@pseudonym.com>
Return to December 1995
Return to “jim@bilbo.suite.com (Jim Miller)”