At 12:35 PM -0700 8/2/99, John Denker wrote:
>2) Network timing may be subject to observation and possibly manipulation
>by the attacker. My real-time clocks are pretty coarse (10ms resolution).
>This subthread started with a discussion of software to estimate the
>entropy of a bitstream, and I submit that this attack scenario is a perfect
>example of a situation where no software on earth can provide a useful
>upper bound on the entropy of the offered bit-stream.
Most modern chips has some sort of "cycle counter" built into the chip.
These counters offer high resolution. The initial value depends on when
the system was started, which may not be available to an attacker. The
value is also dependent on the cache behavior of the system, another value
possibly not available to an attacker.
-------------------------------------------------------------------------
Bill Frantz | The availability and use of secure encryption may |
Periwinkle | offer an opportunity to reclaim some portion of |
Consulting | the privacy we have lost. - B. FLETCHER, Circuit Judge |
