[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Timing Cryptanalysis Attack




Anonymous writes:
> "Perry E. Metzger" <[email protected]> writes:
> 
>  > Timings like the ones listed are trivial to take in
>  > establishing things like SSL sessions, or Photuris sessions.
>  > The danger is to online protocols, not to PGP.
> 
> This must be a new and interesting definition of the word
> "trivial" with which I was previously unfamiliar.
> 
> Quite frankly, I would be extremely surprised if anyone mounted a
> successful hostile attack against a server's RSA certificate
> using timings of remotely initiated SSL sessions outside of a
> controlled laboratory environment.

Go ahead and trust that no one can do it, then. Considering that NTP
can synch up clocks over the net with astonishing accuracy with
multiple probes, it would be hard to believe that you couldn't
similarly dramatically reduce the effects of network delays for the
purposes of mounting an attack on an RSA key, too.

However, if you don't believe it is possible, why, go ahead and ignore
it. Not my problem what you do.

Perry