Timing Cryptanalysis Attack
Peter Monta
pmonta at qualcomm.com
Tue Dec 12 19:33:21 PST 1995
Kocher says this about padding to constant time:
> ... If a timer is used to delay returning results until a pre-specified
> time, attackers may be able to monitor other aspects of the system
> performance to determine when the cryptographic computation completes.
Perhaps, but an attack would be much more difficult if the monitoring must
be done outside the host doing the computation (viewing a router from
the outside, say, as Eric Young alludes to), since the scope for covert
channels is much reduced.
Peter Monta
More information about the cypherpunks-legacy
mailing list