[Cryptography] On Security Architecture, The Panopticon, And "The Law"

Jerry Leichter leichter at lrw.com
Sat Dec 28 01:05:12 EST 2013


On Dec 27, 2013, at 2:42 PM, Natanael wrote:
> @Jerry: Why not just use timing alone? If you make the device add "random" delays that look natural on the network, then you could encode data in the timing differences. The data would be hidden in the timing noise and could even require a key to decode so that even somebody who knows of the timing encoding scheme can't decode it without the key.
> 
[I assume this was on the topic of a hardware AES implementation - or a hardware hack that recognized software AES - leaking key bits.]
Maybe there are circumstances in which this could be done, but I don't see it as likely in most.  The encryption is just too far removed from the network transactions.  Suppose you had control of the AES implementation that fed data into a TCP socket.  Could you really produce the kinds of variations in TCP timing that someone could detect?  If the encryption was right at the Ethernet packet level, sure, you could easily slip data into the inter-packet timing information.  But doing it "looking through" the whole TCP stack?  I don't know.

Now, if you want to consider *multiple* hacks into the hardware - one to grab the key from AES, the other to leak the grabbed information through manipulation at the packet level - you might have something.  In for a penny, in for a pound.
                                                        -- Jerry
