[145821] in cryptography@c2.net mail archive
Re: Randomness, Quantum Mechanics - and Cryptography
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Tue Sep 7 15:18:45 2010
Date: Tue, 7 Sep 2010 14:19:46 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: John Denker <jsd@av8n.com>
Cc: Marsh Ray <marsh@extendedsubset.com>, Jerry Leichter <leichter@lrw.com>,
"cryptography@metzdowd.com List" <cryptography@metzdowd.com>
In-Reply-To: <4C867D63.8030109@av8n.com>
On Tue, 07 Sep 2010 10:58:59 -0700 John Denker <jsd@av8n.com> wrote:
> On 09/07/2010 10:21 AM, Marsh Ray wrote:
> > Blast it with RF for one.
>
> 1) This is not an argument in favor of quantum noise over
> thermal noise, because the same attack would be at least
> as effective against quantum noise.
Very true.
> 2) You can shield things so as to make this attack very,
> very difficult.
I suspect that for some apps like smart cards that might be hard.
OTOH, it might be straightforward to detect the attempt.
> 3) The attack is detectable long before it is effective,
> whereupon you can shut down the RNG, so it is at best a
> DoS attack. And then you have to compare it against
> other brute-force DoS attacks, such as shooting the
> computer with an AK-47.
Well, imagine that you could very reliably force the random number
generator on a smart card. You could then probably attack the smart
card in all sorts of ways, even retrieving keying material by
sufficiently perverting the "random" choices made in some protocol
handshakes.
This is not a practical attack for a remote server, but for some
situations, it probably is.
--
Perry E. Metzger perry@piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
