[Cryptography] Defeating timing attacks
Ron Garret
ron at flownet.com
Sat Jul 15 12:11:20 EDT 2017
On Jul 14, 2017, at 5:53 PM, John Denker via cryptography <cryptography at metzdowd.com> wrote:
> Furthermore, a much better way to defeat timing attacks is already
> known:
> a) use a dedicated machine,
Like this for example:
https://sc4.us/hsm/
(Disclaimer: this is my product.)
> b) inside a Faraday cage
The SC4-HSM is not currently packaged in a Faraday cage because that would obscure the display. But if you’re really worried about tempest attacks you could make a little hood for it out of aluminum foil (a literal tin-foil hat!)
> c) emit the results at some pre-arranged time.
The current firmware doesn’t do this, but modifying it to do this is trivial as there is a hardware real-time clock on-chip (along with a hardware TRNG, so no need to worry about whether or not /dev/urandom does the Right Thing).
(However, the current firmware *is* based on TweetNaCl so it should be constant-time regardless.)
rg
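Added example (my own sketch, not code from the SC4-HSM firmware or from TweetNaCl): two of the mitigations named in this thread in Python, a TweetNaCl-style branch-free equality check and a wrapper that releases a result only when a pre-arranged time slot ends, withholding it if the computation overruns. Slot lengths and the 32-byte tag are constructed values.

```python
import time

class DeadlineMissed(Exception):
    """The computation overran its slot; the result must not be released late."""

def ct_verify(a: bytes, b: bytes) -> bool:
    """Equality check in the style of TweetNaCl's crypto_verify: OR the XOR of
    every byte pair into one accumulator and look at it only at the end, so
    there is no early exit at the first differing byte. (The Python interpreter
    itself is not constant-time; on the HSM this lives in C, as in TweetNaCl.)"""
    if len(a) != len(b):  # lengths are public here (fixed-size tags and keys)
        return False
    acc = 0
    for x, y in zip(a, b):
        acc |= x ^ y
    return acc == 0

def emit_at_deadline(compute, slot_s: float):
    """Run compute() but hand back its result only when the pre-arranged slot
    ends. Returns (result, observed_s); observed_s, the request-to-answer
    interval an outside party could time, is at least slot_s however long
    compute() really took. If compute() overruns, the result is withheld and
    DeadlineMissed is raised: the overrun reveals that the slot was too short,
    not the variable timing inside it."""
    start = time.monotonic()
    deadline = start + slot_s
    result = compute()
    if time.monotonic() > deadline:
        raise DeadlineMissed("slot of %.3fs is too short for this operation" % slot_s)
    while True:  # loop because sleep() may wake slightly early
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            break
        time.sleep(remaining)
    return result, time.monotonic() - start

def fits_in_slot(work_s: float, slot_s: float) -> bool:
    """Constructed probe: does an operation taking about work_s fit a slot_s slot?"""
    try:
        emit_at_deadline(lambda: time.sleep(work_s), slot_s)
        return True
    except DeadlineMissed:
        return False

if __name__ == "__main__":
    tag = bytes(range(32))               # constructed 32-byte reference tag
    wrong = bytes([0xFF]) + tag[1:]      # differs already in the first byte
    for presented in (tag, wrong):
        ok, seen = emit_at_deadline(lambda: ct_verify(tag, presented), 0.05)
        print(ok, "released after %.3fs" % seen)  # both show ~0.050s
```

The slot must be chosen longer than the worst-case runtime of the operation; a slot that is too short turns the wrapper into a loud failure rather than a quiet leak.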