[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Matt Blaze: Paul Kocher's timing attack




The attack in question is quite general and probably works for both
Photuris and SKIP -- both should be changed around in the light of
Kocher's attack.

[Rumor has it, by the way, that the attack works on several NSA
sponsored crypto systems like protocols using Capstone chips/Fortezza cards]

Perry

------- Forwarded Message

To: cypherpunks@toad.com
Subject: Paul Kocher's timing attack
Date: Sun, 10 Dec 1995 22:12:21 -0500
From: Matt Blaze <mab@research.att.com>


Paul Kocher's brutally clever timing attack against on-line
implementations of RSA, DSA and fixed-exponent Diffie-Hellman
is reported on page A1 of Monday's New York Times ("Secure Digital
Transactions Just Got a Little Less Secure" by John Markoff).

The attack requires only a few thousand ciphertext samples and works
against most implementations of public-key cryptosystems in which
the attacker can measure accurately the target's computation time for
each sample.

I think Kocher's paper is online somewhere; I'll post the URL
when I find it.

- -matt


------- End of Forwarded Message



Follow-Ups: