
17 Dec 2003, 11:17 p.m.
Paul Kocher's brutally clever timing attack against on-line implementations of RSA, DSA and fixed-exponent Diffie-Hellman is reported on page A1 of Monday's New York Times ("Secure Digital Transactions Just Got a Little Less Secure" by John Markoff). The attack requires only a few thousand ciphertext samples and works against most implementations of public-key cryptosystems in which the attacker can measure accurately the target's computation time for each sample. I think Kocher's paper is online somewhere; I'll post the URL when I find it. -matt