[56824] in North American Network Operators' Group
Re: OpenSSL
daemon@ATHENA.MIT.EDU (Eric Rescorla)
Tue Mar 18 10:43:23 2003
To: alex@yuriev.com
Cc: nanog@merit.edu
Reply-To: EKR <ekr@rtfm.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: 18 Mar 2003 07:48:10 -0800
In-Reply-To: <Pine.LNX.4.10.10303180959560.31392-100000@s1.yuriev.com>
Errors-To: owner-nanog-outgoing@merit.edu
alex@yuriev.com writes:
> > > This means that it is safer for senior managers in a company to
> > > communicate using private ADSL Internet connections to their desktops
> > > rather than using a corporate LAN.
> >
> > Afraid not. The timing attack is an attack on the SSL server.
> > So as long as the SSL server is accessible at all, the attack
> > can be mounted. And once the private key is recovered, then
> > you no longer need LAN access.
>
> While the timing attack is the attack against the SSL server, it is my
> reading of the paper that the attacks' success largely depends on ability to
> tightly control the time it takes to communicate with a service using SSL.
> Currently, such control is rather difficult to achive on links other than
> ethernet.
Quite so. What I meant here was that as long as Ethernet access
is provided to the server at all, having your own traffic sent
over a non-Ethernet link doesn't protect you.
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/
