[Cryptography] Defeating timing attacks

Ray Dillinger bear at sonic.net
Fri Jul 14 22:36:45 EDT 2017



On 07/14/2017 05:53 PM, John Denker via cryptography wrote:

> Furthermore, a much better way to defeat timing attacks is already
> known:
>  a) use a dedicated machine,
>  b) inside a Faraday cage, and
>  c) emit the results at some pre-arranged time.


Oddly enough, I have just finished putting a dedicated system inside a
Faraday cage, for a completely different reason.

My CNC mill generates a lot of radio-frequency noise.  The controller
box runs fine in the noisy environment (it uses a shielded parallel
cable) but the house wireless network would really rather not be
exposed to the radio noise of the dust extraction vacuum and spindle motor.

And it is already inside a box for dust and (audio) noise containment
purposes, so adding electronic-spectrum shielding amounted to a minor
mod of the box.

But forget the Faraday cage. The real secret of security on the CNC
controller is this:  Not connected to the Internet.  At all.  Ever.
So I'm reasonably confident of its security.

I suppose if I want to do some really serious everything-depends-on-it
secrecy crypto, doing it on that machine, while the mill and dust
extraction vacuum are running, and moving it to and from anywhere else
via (non-USB) sneakernet, would probably be the way to do it.

				Bear

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170714/280e5368/attachment.sig>


More information about the cryptography mailing list