[cryptography] Enranda: 4MB/s Userspace TRNG

Naveen Nathan naveen at lastninja.net
Wed May 27 22:20:48 EDT 2015


>    My contention is that those processes are too hard to model in any
>    realistic OS context. But maybe there's a really simple but useful system
>    in which that's not the case.

It seems unbelievable to do a key recovery attack based on measuring
cache timing of AES, yet lo and behold we have attacks that can exploit
this over a network [1].

Just because you don't know how to model these processes, or they are too hard for you,
doesn't mean it isn't something in the realm of feasibility for a more powerful
adversary.

[1]: http://cr.yp.to/antiforgery/cachetiming-20050414.pdf


More information about the cryptography mailing list