[45170] in Cypherpunks
Re: Timing Cryptanalysis Attack
daemon@ATHENA.MIT.EDU (Nathaniel Borenstein)
Mon Dec 11 13:10:13 1995
Date: Mon, 11 Dec 1995 06:55:27 -0500 (EST)
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Reply-To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
To: cypherpunks@toad.com, Tom Weinstein <tomw@netscape.com>
In-Reply-To: <30CC02F5.4487@netscape.com>

Hey, don't go for constant time, that's too hard to get perfect. Add a
*random* delay. This particular crypto-flaw is pretty easy to fix.

(See, I'm not *always* arguing the downside of cryptography!)

It is worth noting, however, the extent to which "secure" cryptographic
protocols keep needing to get fixed one last time.... -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com> | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com | http://www.netresponse.com/zldf
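
Added example, not part of the original message: a small simulation for evaluating the two mitigations the message contrasts (a random delay and a fixed response time) by measuring how much of a key-dependent timing gap remains in averaged observations. The timing model, the costs, the delay range and the two keys are constructed assumptions, and no real clock is read.

```python
import random
import statistics

# Constructed timing model (assumption): the operation costs a fixed base
# plus a small extra cost for every 1 bit in the secret exponent.
BASE_COST_US = 1000
MULT_COST_US = 5
KEY_BITS = 64
WORST_CASE_US = BASE_COST_US + MULT_COST_US * KEY_BITS


def raw_time(key: int) -> int:
    """Unmitigated time: grows with the number of set bits in the key."""
    return BASE_COST_US + MULT_COST_US * bin(key).count("1")


def with_random_delay(key: int, rng: random.Random, max_delay_us: int = 200) -> float:
    """Mitigation 1: add a uniformly random delay to every response."""
    return raw_time(key) + rng.uniform(0, max_delay_us)


def padded_to_worst_case(key: int) -> int:
    """Mitigation 2: never answer before a fixed worst-case deadline."""
    return max(raw_time(key), WORST_CASE_US)


def mean_gap(measure, key_a: int, key_b: int, samples: int) -> float:
    """Difference between the mean observed times for two keys."""
    a = statistics.fmean(measure(key_a) for _ in range(samples))
    b = statistics.fmean(measure(key_b) for _ in range(samples))
    return a - b


def residual_leak(samples: int, seed: int = 1995) -> dict:
    """Key-dependent gap left in the averages under each mitigation."""
    rng = random.Random(seed)          # seeded so the run is repeatable
    light, heavy = 0x1, 0xFFFF         # constructed keys: 1 vs 16 set bits
    return {
        "true_gap": raw_time(heavy) - raw_time(light),
        "random_delay_gap": mean_gap(
            lambda k: with_random_delay(k, rng), heavy, light, samples),
        "padded_gap": mean_gap(padded_to_worst_case, heavy, light, samples),
    }


if __name__ == "__main__":
    for n in (10, 1000, 20000):
        print(n, residual_leak(n))
```

Running it prints the measured gap for increasing sample counts, so the effect of the delay range and of the sample count on each mitigation can be compared directly.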