fyi: Adi Shamir's microprocessor bug attack
Christian Paquin
paquin at credentica.com
Wed Nov 21 15:23:53 EST 2007
' =JeffH ' wrote:
> From: John Young <cryptome at earthlink.net>
> [...]
> Research Announcement: Microprocessor Bugs Can Be Security Disasters
> [...]
> A similar attack can be applied to any security scheme based on
> discrete logs modulo a prime, and to any security scheme based on
> elliptic curves (in which we can also exploit division bugs)
Does somebody know if, in the case of a discrete log scheme, this would
result in an attack using one chosen message (like for RSA), or would
the attack be similar to the one described by Boneh, DeMillo and Lipton
for Schnorr's identification protocol and require O(n log n) executions?
- Christian
---------------------------------------------------------------------
The Cryptography Mailing List