On 02/08/2011 07:08 PM, Andreas Jellinghaus wrote: > Am Dienstag 08 Februar 2011, um 09:08:38 schrieb Ludovic Rousseau: >> I would not say openssh is slow or fast. That is not the problem here. >> It is _expected_ to have a _highly_ variable time for prime number >> generators. > > maybe some smart cards add extra delays if they find a random number > fast, so that timing cannot be used to guess results from the rng? > not sure if any card does something like that.
I vaguely remember something like this when the timing and differential power attacks were found a few years back. There were then some discussions about adding random time in order to not reveal the "real" time spent. Don't know if anyone implemented it though, or if they found a better way... Perhaps more releated to crypto operations than key generation? http://eref.uqu.edu.sa/files/Others/Timing%20Attacks/A%20practical%20implementation%20of%20the%20timing%20attack.pdf http://www.cs.sjsu.edu/faculty/stamp/students/article.html Cheers, Tomas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
