Timing Cryptanalysis Attack
Perry E. Metzger
perry at piermont.com
Tue Dec 12 13:53:55 PST 1995
Matt Blaze writes:
> >The trivial way to handle this is simply to check user time with the
> >right system calls and make sure it always comes out the same with an
> >apropriate number of sleeps.
>
> Of course, this works against a remote adversary, but not against one
> on the same machine who can look at actual CPU consumption (which doesn't
> increase when the target is blocked).
True enough, but using busy loops could handle that. However, I must
admit to being far more interested in handling the remote case
efficiently, especially given concerns people have about using
Photuris like systems on heavily pounded servers.
Perry
More information about the cypherpunks-legacy
mailing list