From: "Martin Diehl" <mdiehl@dttus.com>
Date: Thu, 14 Dec 1995 12:50:44 +0800
To: cypherpunks@toad.com
Subject: Re[2]: Timing Cryptanalysis Attack
Message-ID: <9511118187.AA818747282@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     OTOH, maybe we _should_ try for constant computation time and then try 
     for *random* delay time.  Remember that _we_ will spend a lot of real 
     time arguing whether the *random* delay is really _random_
     
     Martin G. Diehl
     
     
     _______________________ Reply Separator __________________________ 
     Subject: Re: Timing Cryptanalysis Attack
     Author:  Nathaniel Borenstein <nsb+limbo@nsb.fv.com> at Internet-usa 
     Date:    12/11/95 2:41 PM
     
     
     Hey, don't go for constant time, that's too hard to get perfect.  Add 
     a *random* delay.  This particular crypto-flaw is pretty easy to fix. 
     (See, I'm not *always* arguing the downside of cryptography!)
     
     It is worth noting, however, the extent to which "secure" 
     cryptographic protocols keep needing to get fixed one last time....  
     -- Nathaniel --------
     Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn) 
     Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
     FAQ & PGP key: nsb+faq@nsb.fv.com       | 
     http://www.netresponse.com/zldf