Re: Timing Cryptanalysis Attack
Eric Young writes:
> Read the SKIP spec (SKIP is Sun's IP level encryption protocol). It uses
> Diffie-Hellman certificates.
Photuris, which likely will be the standard way to do this sort of
thing on top of IPsec, also suffers from the problem, but I suspect
the next version of the draft (number 9) will have it fixed.
More interesting is the fact that a number of NSA vetted protocols
seem to have the flaw. Obviously, they either didn't know or didn't
say anything about it to the folks designing such stuff...
Perry