Hi,
I am a newbie to security and SSL.. but thought this could help.. ( I am
not sure if I am answering your question)
RSA_blinding_on() takes care of the attack which measures the encryption
and decryption time taken by RSA.
hope this will be of some help,
Manish
>Date: Mon, 15 Jul 2002 16:08:22 -0700 (PDT)
>From: Shalendra Chhabra <[EMAIL PROTECTED]>
>Subject: an advise
>To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
>MIME-Version: 1.0
>X-Sender: Shalendra Chhabra <[EMAIL PROTECTED]>
>X-List-Manager: OpenSSL Majordomo [version 1.94.4]
>X-List-Name: openssl-users
>X-Perlmx-Spam: Gauge=, Probability=0%, Report=
>X-Keywords:
>
>Just a short piece of information will help me in my
>student life
>
>Paul kocher had discovered Timing analysis attack on
>Implementations of Public Key Cryptosystems like
>Diffie Hellman , RSA etc
>and also Paul was one of the designer of SSL 3.0
>specifictations
>
>I just wanted to ask this:
>"when Paul had designed SSL 3.0 Spec, was the attack
>taken into account?"
>In short please help me reaching the conclusion that
>
>"Is SSL 3.0/TLS susceptible to Pauls Timing Analysis
>Attack"???
>
>Please Reply@Earliest
>Thanks
>Shalendra
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! Autos - Get free new car price quotes
>http://autos.yahoo.com
>______________________________________________________________________
>OpenSSL Project http://www.openssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
------------------------------------------------------
Manish Chablani ([EMAIL PROTECTED]),
Graduate Student,
Computer Science Department,
Indiana University
------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
