OpenSSL
Michael.Dillon at radianz.com
Michael.Dillon at radianz.com
Tue Mar 18 10:23:31 UTC 2003
> This is a new attack, not the one Schneier was talking about. It's
> very elegant work -- they actually implemented an attack that can
> recover the long-term private key. The only caveat is that their
> attack currently works on LANs, not WANs, because they need more
> precise timing than is generally feasible over the Internet.
Hmmm...
This means that it is safer for senior managers in a company to
communicate using private ADSL Internet connections to their desktops
rather than using a corporate LAN.
Very interesting. Could IP Centrex be the wave of the future? Will ISPs
offer random jitter insertion guarantees on such a service to foil people
using timing attacks?
--Michael Dillon
More information about the NANOG
mailing list