Re: ECC and timing attacks

New Message Reply About this list Date view Thread view Subject view Author view

Tim Dierks (tdierks@certicom.com)
Thu, 8 Oct 1998 19:21:53 -0700


At 12:08 AM -0700 10/8/98, Lucky Green wrote:
>Is anybody here aware of timing attacks against ECC? Are there theoretical
>reasons why timing attacks will or will not work with ECC?

The nature of timing attacks is such that they will probably work against
at least some implementations of virtually any cipher. However, certain
techniques can be used to make timing attacks more difficult to mount,
asymptotically approaching impossible.

We have reason to believe that ECC can be protected against timing attacks,
as can other algorithms. The interesting question is how expensive a
protected algorithm is: with at least some variants of ECC, it's likely
that protection is available at a lower computational cost (approaching
free) than it is with other algorithms, such as RSA.

More clearly, timing attacks are at least theoretically possible against
some ECC variants, but it's possible that variants of ECC can be protected
against such attacks easily.

 - Tim

Tim Dierks - timd@consensus.com - www.consensus.com
  VP of Engineering - Consensus Development
  Developer of SSL Plus: SSL 3.0 Integration Suite


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:21