[17574] in cryptography@c2.net mail archive
Re: AES cache timing attack
daemon@ATHENA.MIT.EDU (Bill Stewart)
Sat Jun 25 15:12:48 2005
X-Original-To: cryptography@metzdowd.com
Date: Thu, 23 Jun 2005 13:33:23 -0700
To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
From: Bill Stewart <bill.stewart@pobox.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <E1DkIpC-0004LO-00@medusa01.cs.auckland.ac.nz>
At 02:44 AM 6/20/2005, Peter Gutmann wrote:
>Stephan Neuhaus <neuhaus@st.cs.uni-sb.de> writes:
> >Concerning the practical use of AES, you may be right (even though it would
> >be nice to have some advice on what one *should* do instead).
Would switching to triple-AES (or double-AES) or something help?
Yeah, it's ugly, and AES was supposed to let us get away from triple-DES,
but maybe running one AES with the original key and
the other session with the inverse of the key would
interfere with timing attacks?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com