[12570] in cryptography@c2.net mail archive
Re: [Bodo Moeller ] OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption
daemon@ATHENA.MIT.EDU (Matt Blaze)
Mon Feb 24 12:21:03 2003
X-Original-To: cryptography@wasabisystems.com
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: EKR <ekr@rtfm.com>, cryptography@wasabisystems.com
In-Reply-To: Message from "Steven M. Bellovin" <smb@research.att.com> 
   of "Fri, 21 Feb 2003 09:17:11 EST." <20030221141711.C97F67B6C@berkshire.research.att.com> 
Date: Sat, 22 Feb 2003 05:30:05 -0500
From: Matt Blaze <mab@research.att.com>
SMB writes:
> I'm struck by the similarity of this attack to Matt Blaze's master key 
> paper.  In each case, you're guessing at one position at a time, and 
> using the response of the security system as an oracle.  What's crucial 
> in both cases is the one-at-a-time aspect -- that's what makes the 
> attack linear instead of exponential.
There's nothing new under the sun; both attacks are more similar than
not to the classic Tenex page-alignment character-at-a-time password
guessing attack.

Speaking of which, does anyone have a good PRIMARY reference to that?
I've been trying to track one down for the print version of my lock
paper, and all I can find is either secondary references (like countless
OS textbooks and random computer security papers) or papers that you'd
think would have the attack but turn out not to (like the recent
Multics retrospective paper).  Where did the Tenex attack first
appear?
-matt
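
The linear-versus-exponential point in the quoted text, as an added Python example that is not part of the original message: it counts the guesses needed against a comparison that reveals how many leading characters matched, next to a constant-time comparison that reveals only accept or reject. The function names, the 26-letter alphabet and the secret `tenex` are constructed for illustration.

```python
import hmac
import string

ALPHABET = string.ascii_lowercase  # constructed 26-symbol alphabet


def leaky_check(secret: str, guess: str) -> int:
    """Early-exit compare. Returns how many leading characters matched,
    standing in for what a timing or page-fault side channel reveals."""
    matched = 0
    for s, g in zip(secret, guess):
        if s != g:
            break
        matched += 1
    return matched


def hardened_check(secret: str, guess: str) -> bool:
    """Constant-time compare: the caller learns only accept or reject."""
    return hmac.compare_digest(secret.encode(), guess.encode())


def queries_with_position_leak(secret: str) -> int:
    """Count oracle calls when each response reveals the match length."""
    known, queries = "", 0
    while len(known) < len(secret):
        for c in ALPHABET:
            queries += 1
            # Pad with a byte outside ALPHABET so only position len(known) is tested.
            probe = (known + c).ljust(len(secret), "\0")
            if leaky_check(secret, probe) > len(known):
                known += c
                break
        else:
            raise ValueError("secret contains a symbol outside ALPHABET")
    return queries


def worst_case_without_leak(length: int) -> int:
    """With only accept/reject, every full-length candidate may need trying."""
    return len(ALPHABET) ** length


if __name__ == "__main__":
    secret = "tenex"  # constructed sample secret
    print("position leak:", queries_with_position_leak(secret), "queries")
    print("no leak, worst case:", worst_case_without_leak(len(secret)), "queries")
```

With the leak the cost is bounded by alphabet size times length; removing the positional signal, as `hardened_check` does, restores the alphabet-size-to-the-length bound.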