> My contention is that those processes are too hard to model in any
> realistic OS context. But maybe there's a really simple but useful system
> in which that's not the case.

It seems unbelievable to do a key recovery attack based on measuring the cache timing of AES, yet lo and behold we have attacks that can exploit this over a network [1]. Just because you don't know how to model these processes, or they are too hard for you, doesn't mean it isn't something in the realm of feasibility of a more powerful adversary.

[1]: http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
