[cryptography] "Against Rekeying"

coderman coderman at gmail.com
Wed Mar 24 14:32:32 EDT 2010


On Tue, Mar 23, 2010 at 4:23 PM, Adam Back <adam at cypherspace.org> wrote:
> ...
> Another angle on this is timing attacks or iterative adaptive attacks
> like bleichenbacher's attack on SSL encryption padding.  If re-keying
> happens before the attack can complete, perhaps the risk of a
> successful so far unnoticed adaptive or side-channel attack can be
> reduced.  So maybe there is some use.

many side channels are relevant in this regard, although such an
advantage often deteriorates quickly. TKIP one example...

another use case i don't see listed is constraining the duration of an
authorization. if authorized access to a resource is provided by an
active session, frequent re-keying in a manner that requires (device
based, ?) authentication places an upper bound on unauthorized access,
maybe. (this implies you terminate expired sessions with extreme
prejudice and that session expiry aligns with re-key interval)



More information about the cryptography mailing list