Re: Attacking Clipper with timing info?
Without having the details of the algorithm, I suspect the answer is 'remotely possible, at best'.
However, to extend what I suspect you were getting at:
It would be very interesting to determine if the NSA knew about this crypto-design problem...
That was indeed what I was wondering. I expect we wont have to wait too long before we hear whether Clipper chips require the same or a different amount of time to encrypt/decrypt. Should be interesting. Jim_Miller@suite.com
That was indeed what I was wondering. I expect we wont have to wait too long before we hear whether Clipper chips require the same or a different amount of time to encrypt/decrypt. Should be interesting.
Clipper chips require fixed time to do a codebook cipher operation (exactly 64 clock ticks). It's in the chip spec. Capstone chips, on the other hand (as embodied in Tessera/Fortezza) have public-key operations (DSA and a classified key exchange algorithm called KEA that appears based on its interface to be El Gamal-like). The cards aren't supposed to reveal the secrets stored on them, ever. There does appear to be some variability in those functions, however. I've not yet reached any firm conclusions, however. -matt
participants (2)
-
jim@bilbo.suite.com -
Matt Blaze