RE: Timing attack against AES

2005-05-24 Thread Ryan Malayter
[Jean-David Beyer]
> Aside from the necessity to compromise the machine running gpg to get the timing data for this attack, just how much data can a timing attack retrieve from a multiprogramming system, such as UNIX, Linux, etc., anyway, since all the other processes running at th

Re: Timing attack against AES

2005-05-24 Thread Jean-David Beyer
Aside from the necessity to compromise the machine running gpg to get the timing data for this attack, just how much data can a timing attack retrieve from a multiprogramming system, such as UNIX, Linux, etc., anyway, since all the other processes runn

Re: Timing attack against AES

2005-05-24 Thread Werner Koch
Hi! Ryan, thanks for explaining this. I agree with you. Let me add that this is a classical type of side-channel attack and nothing really new. It is a general problem to hide things from other processes when sharing hardware. It is possible to make it hard but there will never be a perfect sol

RE: Timing attack against AES

2005-05-23 Thread Ryan Malayter
[Per Tunedal Casual]
> 2) Are any other ciphers safer to this kind of attack? What about the ciphers in OpenPGP applications? Other AES candidates?

From my reading of it, it looks like any cipher with data-dependent S-boxes would seem to be susceptible to this class of attack. I think that w

Timing attack against AES

2005-05-21 Thread Per Tunedal Casual
Hi,
Bruce Schneier presented in his blog a few days ago a new attack against AES made by Daniel J. Bernstein.
Schneier's blog "AES Timing Attack": http://www.schneier.com/blog/
Bernstein's paper: "Cache timing attacks on AES": http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
In short Ber