Firewalls: re: Timing Attack

Firewalls
(December 1995)

Indexed By Thread: [Previous] [Next]

Subject:	re: Timing Attack
From:	jim @ SmallWorks . COM (Jim Thompson)
Date:	Tue, 12 Dec 1995 23:56:25 -0600
To:	cjolley @ iac . net, mike @ fionn . lbl . gov
Cc:	firewalls @ GreatCircle . COM

>On Dec 12,  5:51pm, cjolley @
 iac .
 net wrote:
>> Perhaps I should read the paper but the idea of measuring responses to
>> figure out cryptokeys seems (with appologies to Aurthur C. Clark) magic
>> to me. It would seem to me that this kind of a technique would require
>> a whole raft of assumptions to be made about the computational capability

All of the efficient algorithms for modular exponentiation take more
time for 1s than for 0s.  It doesn't matter how fast host doing the
computation can do so, the issue is that it will always take longer
when there are more 1s in the key.  With enough exchanges, you can
deduce the key. (Even in the presence of noise, like 'sleep'.)

Read the paper.

Jim

Indexed By Date	Previous:	Re: connections from localhost 127.0.0.1 From: newton @ communica . com . au (Mark Newton)
Indexed By Date	Next:	solution connections from localhost 127.0.0.1 From: "Greg Hume" <ghume @ cybergraphic . com . au>
Indexed By Thread	Previous:	re: Timing Attack From: mike @ fionn . lbl . gov (Michael Helm)
Indexed By Thread	Next:	re: Timing Attack From: djj1 @ riffraff . osi . com (Derik Jarne x353-2490)