[Bodo Moeller <bodo at openssl.org>] OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption
Steven M. Bellovin
smb at research.att.com
Fri Feb 21 09:17:11 EST 2003
I'm struck by the similarity of this attack to Matt Blaze's master key
paper. In each case, you're guessing at one position at a time, and
using the response of the security system as an oracle. What's crucial
in both cases is the one-at-a-time aspect -- that's what makes the
attack linear instead of exponential.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list