According to Ken Hardy:
>But not 'till I get my last word in. ;-)
and me too...
>I'm not qualified to follow all the math in the paper myself (despite
>Prof. Trimble's best efforts. ;-) But the gist is quite clear,
>including the part that says:
> Random delays added to the processing time may increase the number
> of ciphertexts required, but do not completely solve the problem
> since attackers can compensate for the delay by collecting more
> measurements. (If enough random noise is added, the attack can
> become infeasible.
Let me preface this by saying, no, I have not read the paper and I do
not hold my self to be a crypto expert BUT I would have thought that
if the previous summations are true (i.e. it takes longer to process a
1 in a key than a 0) then if you simply 1's complement the key and
encrypt again, throwing away the second result then your encryption
time will be a fixed amount irrespective of how many 1 bits you may
have in the key.... or am I missing something really really basic here
(apart from the speed hit but adding random delays may be worse...)
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
"Upgrading your memory gives you MORE RAM!" - ad in MacWAREHOUSE catalogue.