| . |
|
Bitland.Net Security Notes
Comments? email jwilkins-at-bitland*net
More information on the author at Jonathan Wilkins's home page RSS feed available at http://www.bitland.net/index.rss 
|
| Archives: 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000 |
| |
| |
| Cache Timing Attacks on AES | (2005/06/03 16:45) |
Dan Bernstein has recently released a paper on Cache-timing attacks on AES. His attack is able to perform complete AES key recovery based on known plaintext timings across a network. This is pretty huge and is fundamental to the AES algorithm, not any particular implementation. Tom Ptacek has an astoundingly funny edit of the resulting debate on sci.crypt. |
| +digg | +del.icio.us | [Crypto ] | Permanent link |
| |
| Bernstein's paper on Brute Force Attacks in Cryptography | (2005/06/03 15:00) |
I love reading DJB's papers. They're always quite educational and he's not above handing out a well deserved smackdown. Take this quote from his Understanding Brute Force paper. "Why did the author of this paper characterize this serial attack as successful cryptanalysis? It's simply not true that the attack is 'faster than exhaustive search' - unless you assume that the attacker is forcing himself to use a serial computer, ie, that the attacker is an idiot" |
| +digg | +del.icio.us | [Crypto ] | Permanent link |
| |
| Bluetooth Crypto Broken | (2005/06/03 13:45) |
Slashdot reports on a new threat for Bluetooth devices. It's possible to eavesdrop on conversations and even initiate calls. It turns out it's embarrasingly easy. Bluetooth devices need to be be paired in order to talk to each other. In order for this to happen, the user enters a sequence into both devices and they then negotiate a key. Ollie Whitehouse demonstrated a weakness in this process last year wherein you could deduce the key if you could sniff the initial communication. The Bluetooth spec apparently includes a "I forgot my key" message that a device can send to redo this key negotiation. If you are within range, it's trivial to spoof this message. Way to go. Read about the Bluetooth crypto break here |
| +digg | +del.icio.us | [Security ] | Permanent link |
| |
| RSS feed available at http://www.bitland.net/index.rss |