[1682] in cryptography@c2.net mail archive
Re: Kocher timing attacks revisited
daemon@ATHENA.MIT.EDU (Jeff Weinstein)
Thu Oct 2 18:24:44 1997
Date: Thu, 02 Oct 1997 15:21:18 -0700
From: jsw@netscape.com (Jeff Weinstein)
To: perry@piermont.com
CC: cryptography@c2.net
Perry E. Metzger wrote:
>
> Van Jacobson's PATHCHAR program is a neat creation that determines the
> speed of far distant internet links by using statistical techniques on
> round trip times -- by noting tiny differences in timing between small
> and long packets on distant networks, the distinction between T1s,
> T3s, OC3s, etc. can be determined with astonishing accuracy.
>
> Why do I mention this? It occurs to me that the statistical methods he
> uses could also, probably, be used to carry out Kocher style timing
> measurement attacks on distant servers. I suspect that such attacks
> are far less infeasable than has been supposed by many.
>
> Are people using countermeasures for these methods yet, or are they
> still ignoring them?
When the timing attack became public, Netscape immediately
implemented blinding as suggest by Kocher and Rivest. The blinding
code has been in all of our releases since then.
--Jeff
