[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java and timing info - second attempt



Jim Miller writes:
> Combine this with some a standard crypto API for doing Web-based digital  
> signatures or authentication or encryption and you may begin to see some  
> possibilities.
> 
> Would it be possible to create a Java applet that causes the client  
> machine to sign or encrypt something with their private key, and then send  
> back timing info?
> 
> For the answer to be YES a few things need to be true.  There needs to be  
> some sort of standard crypto API in use that can be accessed by a Java  
> script, and Java scripts need to be able to capture and send back timing  
> info.  Does anyone on this list know enough about Java to know if it can  
> do any of these things?

[I've read a bit more about Java since you last asked the question, 
coincidentally, but I don't know a huge amount about it yet.]

I think this scenario is certainly possible, from a technical point of view.

Crypto APIs in general should force the user to be aware of how she is using 
her key material. Ultimately you can't save people from themselves. (One
of my favorite non sequiturs. ;)  User education helps. But just as users
are tricked by various social engineering methods into divulging their account
passphrases, so they can be duped into encrypting or signing for a stranger's 
timing pleasure. 

However, one would certainly hope that the crypto Java interfaces that get
written are designed to mask timing information in the wake of Kocher. In
fact, this is precisely the sort of thing "we" should consider promulgating....

-Futplex <[email protected]>