[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re[2]: Timing Cryptanalysis Attack

To: "Martin Diehl" <[email protected]>
Subject: Re: Re[2]: Timing Cryptanalysis Attack
From: "David E. Smith" <[email protected]>
Date: Mon, 11 Dec 1995 23:36:35 -0600
Cc: [email protected]
Sender: [email protected]

At 10:30 PM 12/11/95 CST, Martin Diehl wrote:

>     OTOH, maybe we _should_ try for constant computation time and then try 
>     for *random* delay time.  Remember that _we_ will spend a lot of real 
>     time arguing whether the *random* delay is really _random_
Does it necessarily matter whether the random delay time is true-random?
The idea is to obfuscate the time of the whole computation.  As long
as you don't base your random numbers on the system clock, it should
serve its purpose.  (I omit the system clock because timing seems to be
the nexus of the whole attack, so we can safely assume that the clock's
data, and thus its source of "randomness," can be predicted.
----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Quote: "And if we change, well, I'll love you anyway" - Alice In Chains
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864

Prev by Date: Re: Usability of Cryptography (was Re: More FUD from First Virtual)
Next by Date: Re: More FUD from First Virtual [NOISE]
Prev by thread: Re: Timing Cryptanalysis Attack
Next by thread: Re: Timing Cryptanalysis Attack
Index(es):
- Date
- Thread