According to Ken Hardy:
>
>But not 'till I get my last word in. ;-)
>
and me too...
>
>I'm not qualified to follow all the math in the paper myself (despite
>Prof. Trimble's best efforts. ;-) But the gist is quite clear,
>including the part that says:
>
> Random delays added to the processing time may increase the number
> of ciphertexts required, but do not completely solve the problem
> since attackers can compensate for the delay by collecting more
> measurements. (If enough random noise is added, the attack can
> become infeasible.
>
Let me preface this by saying, no, I have not read the paper and I do
not hold my self to be a crypto expert BUT I would have thought that
if the previous summations are true (i.e. it takes longer to process a
1 in a key than a 0) then if you simply 1's complement the key and
encrypt again, throwing away the second result then your encryption
time will be a fixed amount irrespective of how many 1 bits you may
have in the key.... or am I missing something really really basic here
(apart from the speed hit but adding random delays may be worse...)
--
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
===============================================================================
"Upgrading your memory gives you MORE RAM!" - ad in MacWAREHOUSE catalogue.
|
|
