Interesting People mailing list archives
Re: Adi Shamir's microprocessor bug attack
From: David Farber <dfarber () cs cmu edu>
Date: Thu, 22 Nov 2007 13:44:47 -0500
Begin forwarded message:

From: "James A. Donald" <jamesd () echeque com>
Date: November 20, 2007 10:41:51 PM EST
To: "' =JeffH '" <Jeff.Hodges () KingsMountain com>
Cc: cryptography () metzdowd com
Subject: Re: fyi: Adi Shamir's microprocessor bug attack

If I understand this correctly, this is a chosen crypto text attack. The attacker constructs a crypto text, the target decrypts it, and the target then reveals the decrypted text to the attacker.

But what should happen is that he decrypts a key to be used in symmetric decryption, applies it, gets garbage, message checksum fails, message discarded.

Alternatively, the attacker sends text to be signed by the target, but most signature algorithms contain some random salt. If they don't, they should.

Public key systems are not robust if the holder of the secret key makes an oracle available for decrypting or signing attacker-chosen text. This attack does not make them substantially less robust.
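The behaviour Donald describes for a well-designed recipient (unwrap the symmetric key, apply it, detect garbage via the integrity check, discard the message) can be shown in a few dozen lines. The example below is added here and is not part of the original message or the thread; it uses the textbook toy RSA parameters p=61, q=53 (far too small to be secure, chosen only so the code runs on the standard library alone), and its key derivation, keystream construction and MAC layout are assumptions of this example rather than any real protocol. The point it demonstrates is that the recipient's decryption routine returns either the authenticated plaintext or nothing, so a ciphertext the recipient did not legitimately receive yields no decrypted text to hand back.

```python
"""Toy hybrid decryption: the integrity check turns a would-be decryption
oracle into an accept/reject oracle.  Added example, not from the thread.
RSA values are the textbook toy (p=61, q=53) and are INSECURE; KDF, stream
cipher and MAC layout are assumptions made for this illustration."""
import hashlib
import hmac
import secrets

# --- toy RSA key pair (constructed, insecure; models "decrypt a wrapped key")
P, Q = 61, 53
N = P * Q                                # 3233
E = 17
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, 2753


def rsa_wrap(seed: int) -> int:
    """Public operation: wrap a small seed under the recipient's key."""
    return pow(seed, E, N)


def rsa_unwrap(wrapped: int) -> int:
    """Private operation: the recipient recovers the seed."""
    return pow(wrapped, D, N)


def derive_keys(seed: int):
    """Expand the seed into an encryption key and a separate MAC key (assumed KDF)."""
    k = hashlib.sha256(b"toy-kdf|" + seed.to_bytes(2, "big")).digest()
    return k[:16], k[16:]


def keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Hash-based keystream XORed over the data (assumed toy stream cipher)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(enc_key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def mac_input(wrapped: int, nonce: bytes, body: bytes) -> bytes:
    # The wrapped key is covered by the MAC so it cannot be swapped silently.
    return wrapped.to_bytes(2, "big") + nonce + body


def encrypt(message: bytes) -> dict:
    """Sender: fresh seed -> wrapped under RSA, message under derived keys."""
    seed = secrets.randbelow(N)
    enc_key, mac_key = derive_keys(seed)
    nonce = secrets.token_bytes(12)
    body = keystream_xor(enc_key, nonce, message)
    wrapped = rsa_wrap(seed)
    tag = hmac.new(mac_key, mac_input(wrapped, nonce, body), hashlib.sha256).digest()
    return {"wrapped_key": wrapped, "nonce": nonce, "body": body, "tag": tag}


def decrypt(msg: dict):
    """Recipient: unwrap, derive, verify, and only then reveal plaintext.
    Returns None (message discarded) whenever the integrity check fails."""
    seed = rsa_unwrap(msg["wrapped_key"])
    enc_key, mac_key = derive_keys(seed)
    expected = hmac.new(mac_key, mac_input(msg["wrapped_key"], msg["nonce"], msg["body"]),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, msg["tag"]):
        return None                       # garbage: checksum fails, discard
    return keystream_xor(enc_key, msg["nonce"], msg["body"])


def foreign_ciphertext() -> dict:
    """A ciphertext not produced by a legitimate sender (constructed sample):
    the wrapped key and body were chosen without knowledge of the MAC key."""
    return {"wrapped_key": 42, "nonce": bytes(12), "body": b"\x00" * 16, "tag": bytes(32)}


def tampered_copy(msg: dict) -> dict:
    """A legitimate ciphertext with one body byte flipped (constructed sample)."""
    body = bytearray(msg["body"])
    body[0] ^= 0x01
    return {**msg, "body": bytes(body)}


if __name__ == "__main__":
    legit = encrypt(b"meeting at noon")
    print(decrypt(legit))                 # b'meeting at noon'
    print(decrypt(foreign_ciphertext()))  # None
    print(decrypt(tampered_copy(legit)))  # None
```

The design choice worth noting is that `decrypt` never returns partially decrypted bytes: the MAC is verified over the wrapped key, nonce and body with a constant-time compare before any plaintext leaves the function, so the only signal available to whoever submitted the ciphertext is accept or reject.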