Timing Cryptanalysis Attack

Perry E. Metzger perry at piermont.com
Tue Dec 12 05:06:37 PST 1995



Anonymous writes:
> "Perry E. Metzger" <perry at piermont.com> writes:
> 
>  > Timings like the ones listed are trivial to take in
>  > establishing things like SSL sessions, or Photuris sessions.
>  > The danger is to online protocols, not to PGP.
> 
> This must be a new and interesting definition of the word
> "trivial" with which I was previously unfamiliar.
> 
> Quite frankly, I would be extremely surprised if anyone mounted a
> successful hostile attack against a server's RSA certificate
> using timings of remotely initiated SSL sessions outside of a
> controlled laboratory environment.

Go ahead and trust that no one can do it, then. Considering that NTP
can synch up clocks over the net with astonishing accuracy with
multiple probes, it would be hard to believe that you couldn't
similarly dramatically reduce the effects of network delays for the
purposes of mounting an attack on an RSA key, too.

However, if you don't believe it is possible, why, go ahead and ignore
it. Not my problem what you do.

Perry
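
Added example, not part of the original message: a simulation of the point argued above, that repeated probes filter out network delay, and why jitter is therefore no protection for a data-dependent operation. The timing values, the exponential jitter model and all function names are assumptions constructed for illustration.

```python
import random
import statistics

# All values are constructed for illustration (microseconds).
BASE_US = 1000.0        # fixed service time shared by both request classes
LEAK_US = 2.0           # extra time when the secret-dependent path is taken
JITTER_MEAN_US = 500.0  # assumed network jitter, 250x larger than the leak


def observe(extra_us, rng):
    """One simulated round trip: fixed cost + data-dependent cost + jitter."""
    return BASE_US + extra_us + rng.expovariate(1.0 / JITTER_MEAN_US)


def estimate_leak(n_probes, rng):
    """Estimate the leak from n_probes per class with a minimum filter.

    Keeping the least-delayed sample is the same idea NTP's clock filter
    uses: the fastest round trip carries the least queueing noise.
    """
    fast = min(observe(0.0, rng) for _ in range(n_probes))
    slow = min(observe(LEAK_US, rng) for _ in range(n_probes))
    return slow - fast


def spread(n_probes, trials=30, seed=1995):
    """Standard deviation of the estimate across repeated trials."""
    rng = random.Random(seed)
    estimates = [estimate_leak(n_probes, rng) for _ in range(trials)]
    return statistics.stdev(estimates)


if __name__ == "__main__":
    for n in (1, 10, 100, 10_000):
        print(f"{n:>6} probes/class: estimate spread = {spread(n):8.3f} us")
    est = estimate_leak(200_000, random.Random(7))
    print(f"200000 probes/class: estimate {est:.3f} us (true {LEAK_US} us)")
```

The spread of the estimate shrinks roughly in proportion to the number of probes under this model, so the defence has to be in the implementation (constant-time code or blinding), not in the noise of the network path.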






More information about the cypherpunks-legacy mailing list