interesting-people message



Subject: [IP] Re: Adi Shamir's microprocessor bug attack




Begin forwarded message:

From: "James A. Donald" <jamesd@echeque.com>
Date: November 20, 2007 10:41:51 PM EST
To: "' =JeffH '" <Jeff.Hodges@KingsMountain.com>
Cc: cryptography@metzdowd.com
Subject: Re: fyi: Adi Shamir's microprocessor bug attack

If I understand this correctly, this is a chosen crypto
text attack.  The attacker constructs a crypto text, the
target decrypts it, and the target then reveals the
decrypted text to the attacker.

But what should happen is that he decrypts a key to be
used in symmetric decryption, applies it, gets garbage,
the message checksum fails, and the message is discarded.

Alternatively, the attacker sends text to be signed by the
target, but most signature algorithms contain some random
salt.  If they don't, they should.

Public key systems are not robust if the holder of the
secret key makes an oracle available for decrypting or
signing attacker chosen text.  This attack does not make
them substantially less robust.



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
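The two receiver behaviours contrasted in the message above, as an added toy model that is not part of the original post or of either mailing list. It uses only the Python standard library: a deliberately tiny RSA key (two constructed six-digit primes) wraps a session key, the symmetric layer is a SHA-256 counter-mode keystream with an HMAC tag (constructed for illustration, not a real cipher), and a "faulty" private-key operation flips one bit of its result to stand in for a hardware multiplier bug. `decrypt_naive` returns whatever the unwrapped key decrypts to, so a faulted operation hands the sender garbage derived from the wrong key; `decrypt_checked` verifies the MAC under the unwrapped key and discards the message on failure, exactly the flow the message argues should happen. The signing helper `sign_checked` goes one step beyond the post: it verifies a fresh signature with the public key before releasing it, a standard fault-attack countermeasure added here as an assumption, not something the message states.

```python
"""Toy model: RSA-wrapped session key, encrypt-then-MAC payload, and a
simulated faulty private-key operation.  All parameters are constructed
and insecure; the point is the control flow, not the primitives."""
import hashlib
import hmac
import secrets

# Constructed toy RSA key: two small primes, insecure by design.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def rsa_private(x, faulty=False):
    """Private-key operation.  With faulty=True one bit of the result is
    flipped, standing in for a microprocessor multiplication bug."""
    y = pow(x, D, N)
    return y ^ 1 if faulty else y


def derive_keys(k):
    """Split the unwrapped key integer into an encryption key and a MAC key."""
    seed = k.to_bytes(8, "big")
    return (hashlib.sha256(b"enc" + seed).digest(),
            hashlib.sha256(b"mac" + seed).digest())


def keystream_xor(key, data):
    """Toy stream cipher: XOR with successive SHA-256(key || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def encrypt(plaintext):
    """Sender: pick a session key, wrap it with RSA, encrypt-then-MAC."""
    k = secrets.randbelow(N - 2) + 2
    wrapped = pow(k, E, N)
    enc_key, mac_key = derive_keys(k)
    ct = keystream_xor(enc_key, plaintext)
    tag = hmac.new(mac_key, wrapped.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    return wrapped, ct, tag


def decrypt_naive(wrapped, ct, faulty=False):
    """Receiver with no integrity check: returns whatever the unwrapped key
    decrypts to, so a faulty unwrap leaks output derived from the wrong key."""
    k = rsa_private(wrapped, faulty)
    enc_key, _ = derive_keys(k)
    return keystream_xor(enc_key, ct)


def decrypt_checked(wrapped, ct, tag, faulty=False):
    """Receiver as the message describes: unwrap, verify the MAC under the
    resulting key, and discard the message (return None) if it fails."""
    k = rsa_private(wrapped, faulty)
    enc_key, mac_key = derive_keys(k)
    expected = hmac.new(mac_key, wrapped.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None  # garbage key -> checksum fails -> message discarded
    return keystream_xor(enc_key, ct)


def sign_checked(message, faulty=False):
    """Signer-side countermeasure (an assumption added here, not stated in
    the post): verify the fresh signature with the public key before
    releasing it, so a faulted signature never leaves the signer."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    s = rsa_private(h, faulty)
    return s if pow(s, E, N) == h else None


if __name__ == "__main__":
    w, c, t = encrypt(b"attack at dawn")
    print("checked, no fault :", decrypt_checked(w, c, t))
    print("checked, fault    :", decrypt_checked(w, c, t, faulty=True))
    print("naive, fault      :", decrypt_naive(w, c, faulty=True))
    print("sign, fault       :", sign_checked(b"hello", faulty=True))
```

Run it and the faulted `decrypt_checked` and `sign_checked` calls both return `None`, while the faulted `decrypt_naive` call returns bytes that depend on the wrong key, which is the kind of output an attacker would want to see.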

