[Bodo Moeller <bodo at openssl.org>] OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption

Steven M. Bellovin smb at research.att.com
Fri Feb 21 09:17:11 EST 2003

I'm struck by the similarity of this attack to Matt Blaze's master key 
paper.  In each case, you're guessing at one position at a time, and 
using the response of the security system as an oracle.  What's crucial 
in both cases is the one-at-a-time aspect -- that's what makes the 
attack linear instead of exponential.

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list