> From: Sid Shetye [mailto:sid...@outlook.com]
> Sent: Friday, August 29, 2014 12:01 PM
>
> It's more straightforward to attack than your scenario:
>
> I have your public key, so I have some idea. I send you a GPG email, your
> email client will decrypt as it hits your inbox. Everything except th

John, that 'encoding' sounds very much like ciphertext blinding. This
diploma thesis on RSA side-channel attacks is 10 years old but surveys some
solutions. (Link:
https://www.cdc.informatik.tu-darmstadt.de/reports/reports/KP/Feng_Lue.diplom.pdf)
I took a quick look at the BC C# source and it see

Sid, Ned,
I will think about it some more and consider your suggestion for ciphertext
blinding.
In any case I think you might find this snippet interesting:
"To protect against the kinds of information leakage described above, we encode
the computation in a way that prevents the powerful compu

It's more straightforward to attack than your scenario:
I have your public key, so I have some idea. I send you a GPG email, your email
client will decrypt as it hits your inbox. Everything except the "physical
touch" can be automated. And as iOS jailbreaks have shown, even though the
attack ve
> From: Edward Ned Harvey (bouncycastle)
> [mailto:bouncycas...@nedharvey.com]
>
> Yes I believe an observer of the ground signal could determine "I saw a
> power spike between X ms and Y ms, which probably means you did
> something cryptographic or doing some kind of compression or
> decompressi