[EMAIL PROTECTED] ("Hal Finney") writes:

>Steven M. Bellovin writes:
>> Dan Bernstein has a new cache timing attack on AES:
>> http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
>
>This is a pretty alarming attack.
It is?  Recovering a key from a server custom-written to act as an oracle for the attacker?  By this I don't even mean the timing-related stuff, but just one that acts as a basic encryption oracle.  Try doing that with TLS or SSH, you'll get exactly one unrelated packet back, which is the connection shutdown message.  So while it's a nice attack, section 15 should really be simplified to: Don't do that, then.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
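To make concrete what kind of oracle the thread is arguing about, here is an added toy simulation (editor's illustration, not Bernstein's code and not AES) of the profile-correlation step behind a cache-timing attack on a first-round table lookup. The "cache" model is constructed: a 256-entry byte-indexed table is split into 16 lines, a fixed set of lines is assumed slow (evicted), and the oracle hands back one timing per chosen plaintext byte, which is exactly the service a real TLS or SSH endpoint does not provide. The attacker first profiles a reference box with a known key, then profiles the target with the unknown key, and picks the key guess that best aligns the two profiles. All names, keys and constants below are assumptions of this example.

```python
"""Toy model of the timing-profile correlation step in a cache-timing attack
on an AES-style first-round table lookup (index = plaintext_byte ^ key_byte).
Constructed illustration: not AES, not Bernstein's code. The cache is modelled
as 16 table lines of which a fixed subset is slow to touch."""
import random

NOISE_STD = 3.0
SLOW_LINES = {2, 5, 11, 13}   # constructed: lines assumed evicted, hence slow


class LeakyOracle:
    """Stand-in for a server that encrypts attacker-chosen data and whose
    response timing depends on which table line p ^ k lands in."""

    def __init__(self, key_byte, rng):
        self.k = key_byte
        self.rng = rng

    def time(self, p):
        line = (p ^ self.k) >> 4                     # 16 entries per line
        base = 100.0 + (40.0 if line in SLOW_LINES else 0.0)
        return base + self.rng.gauss(0.0, NOISE_STD)  # measurement noise


def profile(oracle, samples, rng):
    """Mean timing per plaintext byte, centred on the overall mean.
    The attacker sees only p and the timing, never p ^ k."""
    total = [0.0] * 256
    count = [0] * 256
    for _ in range(samples):
        p = rng.randrange(256)
        total[p] += oracle.time(p)
        count[p] += 1
    overall = sum(total) / samples
    return [(total[i] / count[i] - overall) if count[i] else 0.0
            for i in range(256)]


def recover_key_byte(ref_profile, ref_key, target_profile):
    """ref_profile[p] is the signature of table index p ^ ref_key. Under a
    guess g, target plaintext p hits index p ^ g, which the reference box
    reached at plaintext p ^ g ^ ref_key. Score each guess by how well the
    two profiles line up and return the best one."""
    best_guess, best_score = None, None
    for g in range(256):
        score = sum(target_profile[p] * ref_profile[p ^ g ^ ref_key]
                    for p in range(256))
        if best_score is None or score > best_score:
            best_guess, best_score = g, score
    return best_guess


def demo(target_key=0x3C, ref_key=0xA7, samples=20000, seed=1):
    """Run the whole attack; returns (recovered_guess, target_key).
    Because leakage is per cache line, only the top four bits of the
    recovered byte are determined by the data; the low bits are noise."""
    rng = random.Random(seed)
    ref = profile(LeakyOracle(ref_key, rng), samples, rng)
    tgt = profile(LeakyOracle(target_key, rng), samples, rng)
    return recover_key_byte(ref, ref_key, tgt), target_key


if __name__ == "__main__":
    guess, key = demo()
    print("recovered high nibble %x, true high nibble %x" % (guess >> 4, key >> 4))
```

Two things the run makes visible: the attack needs thousands of attacker-chosen inputs each answered with an individually timed response, which is the oracle the reply above says a TLS or SSH implementation will not give you; and line-granularity leakage pins down only the top bits of each key byte, so in this model the low nibble of the winning guess is meaningless and the remaining bits would have to come from finer-grained effects or brute force.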