Re: Timing Cryptanalysis Attack
On Mon, 11 Dec 1995, Tom Weinstein wrote:
> Careful. Even if you can make the number of executed instructions the
> same, you still have to worry about timing differences due to branches
> and the way the hardware multiplier handles different operands.
Granted. For my particular library, there are no major 'if statements' I
believe (I'll check) after you get out of the mod_exp function and into
the mod and mul sub parts. As for the multiplier, I just had a look at
my old 386 book and yup, it does take an argument-dependent time... I've
been around pipelined RISC CPUs too long...
eric
--
Eric Young | Signature removed since it was generating
AARNet: [email protected] | more followups than the message contents :-)
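As an added illustration of the branch issue Tom raises (this is example code, not from the thread or from Eric Young's library): a square-and-multiply mod_exp whose `if` depends on each exponent bit, beside a branch-free version that always multiplies and keeps or discards the result with a mask. The `mulmod()` helper and the 32-bit operand size are assumptions for the example; the hardware-multiplier point is not fixed by this and is noted in the comments.

```c
#include <stdint.h>
#include <stdio.h>

/* (a * b) mod m for 32-bit operands; the 64-bit product cannot overflow.
 * Assumed helper for this example. The '%' is a hardware divide, whose
 * latency on many CPUs also depends on the operand values. */
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t m) {
    return (uint32_t)(((uint64_t)a * b) % m);
}

/* Classic left-to-right square-and-multiply. The 'if' on each exponent
 * bit is the kind of branch the thread warns about: a 1 bit costs an
 * extra multiplication, so the total running time reflects the bit
 * pattern of the (usually secret) exponent. */
uint32_t modexp_branchy(uint32_t base, uint32_t exp, uint32_t m) {
    uint32_t result = 1 % m;
    for (int i = 31; i >= 0; i--) {
        result = mulmod(result, result, m);
        if ((exp >> i) & 1)                 /* exponent-dependent branch */
            result = mulmod(result, base, m);
    }
    return result;
}

/* Branch-free variant: always perform the multiply, then select between
 * the multiplied and unmultiplied value with a mask built from the bit.
 * The instruction sequence no longer depends on the exponent. It does
 * NOT address Tom's second point: a multiplier (or divider) whose
 * latency depends on operand values still leaks inside mulmod(). */
uint32_t modexp_ct(uint32_t base, uint32_t exp, uint32_t m) {
    uint32_t result = 1 % m;
    for (int i = 31; i >= 0; i--) {
        result = mulmod(result, result, m);
        uint32_t mult = mulmod(result, base, m);
        uint32_t mask = (uint32_t)0 - ((exp >> i) & 1);   /* 0 or 0xFFFFFFFF */
        result = (mult & mask) | (result & ~mask);
    }
    return result;
}

int main(void) {
    /* Both give 4^13 mod 497 = 445; only the control flow differs. */
    printf("%u %u\n", modexp_branchy(4, 13, 497), modexp_ct(4, 13, 497));
    return 0;
}
```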