[Cryptography] On Security Architecture, The Panopticon, And "The Law"
Jerry Leichter
leichter at lrw.com
Sat Dec 28 09:44:00 EST 2013
On Dec 28, 2013, at 8:32 AM, Natanael wrote:
> My point is simply that nearly undetectable exfiltration is possible. Thus it's only more important that we can keep the attackers out.
>
But this is really not news. We've known about timing channels for decades. We've also known that they are almost impossible to close, and sometimes even to detect. The only practical strategy is to limit their bandwidth, which can be done. The old work had to do with leakage channels within a single host, but we really shouldn't be surprised that it applies across hosts on a network as well.
What *is* new is along an entirely different dimension. It used to be that you could say "OK, I've gotten the maximum timing channel to one bit/second, getting even a small document out will take forever." Well, that same channel leaks an AES key in a bit over two minutes - even as you yourself send all your data, encrypted with that key, to an on-line backup site at speeds that are many, many orders of magnitude higher.
This wasn't considered in the old analyses, and unfortunately it really shreds them. And it's not just on networks: Even the old same-host attacks are more interesting again out on shared-tenant cloud hosts.
Attack and defense - the eternal battle.
-- Jerry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131228/5c293b1f/attachment.html>
More information about the cryptography
mailing list