Enable RSA blinding
Damien Miller
djm at mindrot.org
Sun Mar 16 00:59:41 EST 2003
Florian Weimer wrote:
> After browsing "Remote timing attacks are practical" (Boneh & Brumley,
> <http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html>), I
> wonder if it might be a good idea to add calls to RSA_blinding_on()
> before the OpenSSL RSA decryption routines are invoked.
It is on in the snapshots as of tonight (thank Markus).
> The issue is not a LAN-only issue, BTW. Packet delay variation is
> usually higher in LANs than in WANs.
I'm curious about this - do you have a reference or some evidence?
-d
More information about the openssh-unix-dev
mailing list