North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: OpenSSL
> This is a new attack, not the one Schneier was talking about. It's > very elegant work -- they actually implemented an attack that can > recover the long-term private key. The only caveat is that their > attack currently works on LANs, not WANs, because they need more > precise timing than is generally feasible over the Internet. Hmmm... This means that it is safer for senior managers in a company to communicate using private ADSL Internet connections to their desktops rather than using a corporate LAN. Very interesting. Could IP Centrex be the wave of the future? Will ISPs offer random jitter insertion guarantees on such a service to foil people using timing attacks? --Michael Dillon
|