Timing Cryptanalysis Attack
Martin Diehl
mdiehl at dttus.com
Wed Dec 13 20:50:44 PST 1995
OTOH, maybe we _should_ try for constant computation time and then try
for *random* delay time. Remember that _we_ will spend a lot of real
time arguing whether the *random* delay is really _random_
Martin G. Diehl
_______________________ Reply Separator __________________________
Subject: Re: Timing Cryptanalysis Attack
Author: Nathaniel Borenstein <nsb+limbo at nsb.fv.com> at Internet-usa
Date: 12/11/95 2:41 PM
Hey, don't go for constant time, that's too hard to get perfect. Add
a *random* delay. This particular crypto-flaw is pretty easy to fix.
(See, I'm not *always* arguing the downside of cryptography!)
It is worth noting, however, the extent to which "secure"
cryptographic protocols keep needing to get fixed one last time....
-- Nathaniel --------
Nathaniel Borenstein <nsb at fv.com> | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq at nsb.fv.com |
http://www.netresponse.com/zldf
More information about the cypherpunks-legacy
mailing list