Enable RSA blinding
Florian Weimer
Weimer at CERT.Uni-Stuttgart.DE
Fri Mar 14 19:46:47 EST 2003
After browsing "Remote timing attacks are practical" (Boneh & Brumley,
<http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html>), I
wonder if it might be a good idea to add calls to RSA_blinding_on()
before the OpenSSL RSA decryption routines are invoked.

The issue is not a LAN-only issue, BTW. Packet delay variation is
usually higher in LANs than in WANs.
--
Florian Weimer Weimer at CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
More information about the openssh-unix-dev mailing list
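
The blinding transformation that the message proposes enabling, as an added example that is not part of the original post and is not OpenSSL or OpenSSH code. It uses textbook RSA without padding on a constructed toy key; the function names and the `trace` parameter are hypothetical. It shows that with blinding the private exponentiation never runs on the ciphertext the peer supplied, yet the result is unchanged.

```python
import math
import secrets

# Constructed toy key (two Mersenne primes); far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def decrypt_plain(c):
    """Unblinded: the private exponentiation runs directly on the caller's c,
    so its running time is a function of a value the peer chose."""
    return pow(c, D, N)

def decrypt_blinded(c, trace=None):
    """Blinded: exponentiate c * r^e for a fresh random r, then divide r out."""
    while True:
        r = secrets.randbelow(N - 2) + 2      # r in [2, N-1]
        if math.gcd(r, N) == 1:               # r must be invertible mod N
            break
    c_blind = (c * pow(r, E, N)) % N          # what the private operation sees
    if trace is not None:
        trace.append(c_blind)                 # hypothetical hook, for the demo only
    m_blind = pow(c_blind, D, N)              # equals m * r mod N
    return (m_blind * pow(r, -1, N)) % N      # unblind: multiply by r^-1

def demo():
    """Decrypt the same ciphertext three times and record the blinded inputs."""
    m = int.from_bytes(b"session key", "big")  # constructed sample plaintext
    c = pow(m, E, N)
    seen = []
    results = [decrypt_blinded(c, seen) for _ in range(3)]
    return m, c, results, seen

if __name__ == "__main__":
    m, c, results, seen = demo()
    print("all decryptions correct:", all(x == m for x in results))
    print("distinct private-op inputs:", len(set(seen)))
    print("private op ever saw the peer's c:", c in seen)
```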