undefined | Better HN

0 pointsamelius2y ago0 comments

> For cryptographic applications yes.

Why only cryptographic applications? What if I'm writing a very sensitive e-mail, for instance?

0 comments

For this type of attack to work, the algorithm being run needs to be very well understood, and the runtime of the algorithm needs to depend almost entirely on the secret key.

In contrast, the timing of virtually any email operation is not dependent on the contents of the email, other than the size. That is, whether you wrote "my password is hunter2" or "my password is passwor", the timing of any operation running on this email will be identical.

eru2y ago

> In contrast, the timing of virtually any email operation is not dependent on the contents of the email, other than the size.

What about spell checkers etc? Or even just whatever runs to figure out where to break the lines?

tsimionescu2y ago

Perhaps those could be attacked. It's possible though that it's not feasible, that the possible inputs leading to a certain timing signature are just too many to get any data out of it.

Consider that those programs are not making any effort whatsoever to run in constant time, and yet no one has shown any timing attack against them. OpenSSL has taken great pains to have constant execution time, and yet subtle processor features like this still introduce enough time differences to recover the keys.

1 more reply

ameliusOP2y ago

I'm imagining the email program using a formatting and rendering engine, both predictable.

bhawks2y ago

Check out https://www.qubes-os.org/ for an operating system that tries to put as many layers of defense as possible between an end user's applications.

j / k navigate · click thread line to collapse

0 comments

tsimionescu2y ago

For this type of attack to work, the algorithm being run needs to be very well understood, and the runtime of the algorithm needs to depend almost entirely on the secret key.

eru2y ago

> In contrast, the timing of virtually any email operation is not dependent on the contents of the email, other than the size.

What about spell checkers etc? Or even just whatever runs to figure out where to break the lines?

tsimionescu2y ago

Perhaps those could be attacked. It's possible though that it's not feasible, that the possible inputs leading to a certain timing signature are just too many to get any data out of it.

1 more reply

ameliusOP2y ago

I'm imagining the email program using a formatting and rendering engine, both predictable.

bhawks2y ago

Check out https://www.qubes-os.org/ for an operating system that tries to put as many layers of defense as possible between an end user's applications.

j / k navigate · click thread line to collapse