North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: OpenSSL
In message <[email protected]>, Scott Francis writes: > > >Fun is about all it comes to. See what Schneier had to say in the most >recent crypto-gram regarding this hole. ><http://www.counterpane.com/crypto-gram-0303.html> This is a new attack, not the one Schneier was talking about. It's very elegant work -- they actually implemented an attack that can recover the long-term private key. The only caveat is that their attack currently works on LANs, not WANs, because they need more precise timing than is generally feasible over the Internet. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com (2nd edition of "Firewalls" book)
|