[56820] in North American Network Operators' Group

Re: OpenSSL

daemon@ATHENA.MIT.EDU (Eric Rescorla)
Tue Mar 18 09:14:00 2003

To: Michael.Dillon@radianz.com
Cc: nanog@merit.edu
Reply-To: EKR <ekr@rtfm.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: 18 Mar 2003 06:18:42 -0800
In-Reply-To: <OFC1DBB3C4.82170C0D-ON80256CED.0038C758-80256CED.003915AB@radianz.com>
Errors-To: owner-nanog-outgoing@merit.edu


Michael.Dillon@radianz.com writes:

> > This is a new attack, not the one Schneier was talking about.  It's 
> > very elegant work -- they actually implemented an attack that can 
> > recover the long-term private key.  The only caveat is that their 
> > attack currently works on LANs, not WANs, because they need more 
> > precise timing than is generally feasible over the Internet.
> 
> Hmmm...
> This means that it is safer for senior managers in a company to 
> communicate using private ADSL Internet connections to their desktops 
> rather than using a corporate LAN.

Afraid not. The timing attack is an attack on the SSL server. 
So as long as the SSL server is accessible at all, the attack
can be mounted. And once the private key is recovered, then
you no longer need LAN access.

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/
