Marsh, Am I missing something?
On Fri, Jun 22, 2012 at 1:06 PM, Marsh Ray <[email protected]> wrote:
> On 06/21/2012 09:05 PM, ianG wrote:
>>
>> On 22/06/12 06:53 AM, Michael Nelson wrote:
[snip]
>> It's a natural human question to ask. "I want to see what's under the
>> hood." But it seems there is also a very good response - if you can
>> see under the hood, so can your side-channel-equipped attacker.
>
> It seems to me that the bits one gets to see via RdRand aren't a side
> channel, by definition. But if the attacker gets to see a disjoint set of
> samples from the same oscillator then we only need to worry about
> dependencies lurking between the sample sets.
>
> The oscillator is a fairly simple circuit, so it should be straightforward
> to show it has a memory capacity of only bit or two. Allowing the oscillator
> to run for a few cycles between sample sets going to different consumers
> should eliminate the possibility of short term dependencies.

You wrote "going to DIFFERENT consumers". I am interpreting that as
different processes, but I don't see how a CPU instruction like RdRand
or anything else is going to be process or thread or <insert your
favorite security context here> aware. If you would have omitted the
"different", then it would have made sense.

So am I just reading too much into your statement and you didn't really
mean "*different* consumers" or am I simply not understanding what you
meant? If the latter, if you could kindly explain.

Thanks,
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents." -- Nathaniel Borenstein
