On Wed, 29 Oct 2008 23:41:40 -0500
Thierry Moreau <[EMAIL PROTECTED]> wrote:
> Does SCA protection enter the picture? Marginally at best.
You're forgetting the first questions you need to ask: who are your
enemies, what are you trying to protect, and what can you enemy spend?
And regardless of the answer to the last part, it's safe to assume that
your enemy would prefer to spend as little as possible.  Note that
"spend" includes not just dollars, euros, zorkmids, or linden dollars,
but also reputation if discovered, attack techniques you may or may not
want to reveal, etc.  

So -- why do a side-channel attack involving, say, a million SSL
messages (see http://www.cert.org/advisories/CA-1998-07.html), when
that's the sort of thing that will show up in a log file, when you can
send a simple RPC query
(http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx) to
learn a private key?

But -- if you're a transit getting ready to deploy fare cards that
depend on a chip being secure, you'd better be very careful about side
channels, because those attacks can be tried offline.

                --Steve Bellovin, http://www.cs.columbia.edu/~smb

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to