[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Timing Cryptanalysis Attack
At 09:39 AM 12/13/95 -0500, you wrote:
>Armadillo Remailer wrote:
>
>| >My gut & scribble-on-the-back-of-a-napkin feeling about this class of
>| >attack is that it could be a problem for smartcards (almost certainly)
>|
>| Is it a problem to create smartcards that do their calculations in
>| fixed time? I'd guess it should be easier than on multi-purpose
>| hardware.
>
> Not if the fixed time is in weeks.
>
> If you read the Crypto proceedings, you'll find a number of
>papers on using an (untrusted) CPU, such as that in a cash machine, to
>aid a smartcard. This is because the CPUs in smartcards are very
>slow.
DigiCash has been aware of the timing problem for years. Especially as it
relates to smartcards, for which you can get timings down to the clock
cycle. Cosequently, both DigiCash's smartcards and DigiCash's Ecash use
fixed timings.
--Lucky at work
--Mark Twain Bank Ecash Support
Ecash. The secure Internet payment system that protects your privacy.
<http://www.marktwain.com/ecash.html>