[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Timing Attacks

To: [email protected]
Subject: Re: Timing Attacks
From: [email protected] (John Lull)
Date: Tue, 12 Dec 1995 07:48:10 GMT
In-Reply-To: <[email protected]>
Organization: Windsmith
References: <[email protected]>
Sender: [email protected]

On Mon, 11 Dec 1995 17:04:56 -0500 (EST), Eli Brandt wrote:

> Also, it's not just networked machines.  Smart cards may have a hard
> time defending themselves against hostile card readers.  They're slow
> already; the user may not appreciate the extra time spent for
> obfuscation.  (This depends critically on the numbers, of course.)

Smart card have one major advantage, though.  During these types of
operations, a smart card will be totally dedicated to the crypto.
Calculating the maximum possible delay for a given key size should be
relatively easy.

Most single-chip micros also have a timer that could be readily
dedicated to counting out this maximum possible delay, and the result
held only that long.  This could, on an 8051 (as a fairly typical
example) be easily controlled (with a 1-instruction loop) to within 2
instruction cycles.  Given another dozen or so instructions, it can be
controlled to a single fixed delay.

Where minimum and maximum delays only differ by 1% or so for a given
key size, no one will ever notice the extra time required to hold the
result for the maximum possible delay.

References:
- Re: Timing Attacks
  - From: [email protected]

Prev by Date: Re: Timing Attack Paper
Next by Date: Re: Timing Cryptanalysis Attack
Prev by thread: Re: Timing Attacks
Next by thread: Re: Timing Attacks
Index(es):
- Date
- Thread