The Lazy Genius :: AES Timing Attack

success fail May NOV Dec 01 2005 2006 2007 2 captures 24 May 2005 - 01 Nov 2006 About this capture COLLECTED BY Collection: Accelovation Crawl Web crawl snapshots generously donated from Accelovation. This data is currently not publicly accessible.

From the site: Accelovation is pioneering the delivery of Insight Discovery™ software solutions that help companies move from innovation idea to product reality faster and with more success.

Our solutions are used by leading firms in the Fortune 500 and beyond – companies from a diverse set of industries ranging from consumer packaged goods to high tech, foods to chemicals, and others. We help them mine the online world for market and technical insights to help speed the process of innovation.
TIMESTAMPS

We see you're using Internet Explorer, which is not a safe way to browse the web.  We strongly suggest downloading Firefox. We think you'll like it better:

      · Firefox blocks pop-up windows.
      · It's more secure against viruses and spyware.
      · It keeps Microsoft from controlling the future of the internet.
      · It's better for web designers and developers.
      · Features like tabbed browsing make reading webpages easier.

Click the button on the right to download Firefox.  It's free.



The Lazy Genius Home Syndicate Syndicate this category Subscribe Main Page  Security  Personal Note  PSP Hacks  XBox Hacks  Privacy  Tools  Lectures  Other Technology  For Fun  Audrey  Random Pics Get FireFox for Secure Browsing Recent Comments Re: PCI Data Security Sandard Updated to 1.1 Re: Web 2.0 Image Generator True Keeps A Database Re: IBM Official Press about ISS Acquisition Re: Re: True.com Scam Month Archive July 2005
June 2005
May 2005
My Blog Roll .: UNEASYsilence :. .:[ packet storm ]:. 180solutions Blog 5ives A Day in the Life of an Information Security Investigator ASTALAVISTA ASTALAVISTA Security Directory Arik's blog Asa Dotzler - Firefox and more Atlanta Business Chronicle Avery J. Parker's Blog Ben Edelman - Home Ben's Bargains Blingo Buzz BlueHat Security Briefings Boing Boing CNN.com CSO Homepage Caffeinated Security CastleCops Cheapstingybargains.com Computer Crime Research Center Computer Internet Security eLamb Daily Phreak - Daily Telecom, Asterisk & Phreaking Updates Dana Epp's ramblings at the Sanctuary Digg Digg Blog Digital Common Sense Digital-Mafia E-Bitz - SBS MVP the Official Blog of the SBS "Diva" EFF: Breaking News EFF: DeepLinks EFF: miniLinks Engadget Everlasting Blort F-Secure : News from the Lab Forever Geek GeoURL Log George Ou | ZDNet.com Global Security Watch Go Fug Yourself Gravatar - Globally Recognized Avatar Hack In The Box Hack a Day I-Hacked.com Inc.com InfoWorld Inside AdSense Israel Torres on Security Joao Barros Kim Cameron's Identity Weblog Lotus Geek MAKE: Blog Mark's Blog Mark's Sysinternals Blog Metasploit Blog Microsoft Architecture Resource Center Microsoft Secguide's WebLog Microsoft Security Bulletins Microsoft Windows Security Monkeys In The News NPR : News National Cyber Alert System NetIdentity Blogware - Support Center :: Main Page Network World on Firewalls Network World on IDP/IPS Network World on Network Security Network World on VPNs Network World on Wireless PostSecret Regulatory Compliance ReveNews - Online Revenue News & Opinions Rootkit.com Rootsecure.net | Home SANS Internet Storm Center SANS NewsBites: Security Digest SC Magazine Sage Project News Schneier on Security Scobleizer - Microsoft Geek Blogger Search Engine Watch Blog SecuriTeam Blogs Security Awareness for Ma, Pa and the Corporate Clueless Security Fix SecurityDocs SecurityDump: Directory of Security Tools SecurityFocus Slashdot SlickDeals.net So sue me Steve Lamb's Blog Steve Riley on Security Sunbelt BLOG TaoSecurity TechNet Blogs TechRepublic TechRepublic Downloads Technorati Weblog Telecom, Security and P2P The Cloud Appreciation Society The Dilbert Blog The Edge of I-Hacked The Metasploit Project Urban Legends Reference Pages: What's New User Friendly the Comic Strip Viruslist.com - Analyst's Diary Vitalsecurity.org Welcome to nosec Wi-Fi Networking News WiFi Thoughts Windows Incident Response Windows Live Safety Center Woot : The Blog meeblog one2one, Dell’s Weblog trifinite.blog xkcd Login
Main Page  »  Security Previous: WEP Cracking - The Next Generation Next: TOOOL, The Open Organisation Of Lockpickers AES Timing Attack by on Tue 17 May 2005 01:16 PM CDT  |  Permanent Link  |  Cosmos There was recent paper released on using a timing attck on the AES implementation.  This is not a bug in the AES algorithm, but in the implementation if AES when it pertains to slower processors. 

Abstract. This paper demonstrates complete AES key recovery from known-plaintext timings of a network server on another computer. This attack should be blamed on the AES design, not on the particular AES
library used by the server; it is extremely difficult to write constant-time high-speed AES software for common general-purpose computers. This paper discusses several of the obstacles in detail.

The full extent of this attack is not known at this time, but this attack is not new.  It was used back in the late 90's against RSA, as outlined in this essay by Bruce Schneier.  His current blog discusses this with a nice collect of comments that help define the impact of this discovery.
Posted to: Security Comments Post a comment No comments found. Trackbacks

TrackBack URL:
http://blog.xavier.ashe.com/blog/_trackback/866855

No trackbacks found. Search Google Search Translators Chat with me Widgets
 
 
 
 
 
 
 
 
 
 
 
  Random Links Xavier's Monkey Geekin' Paris Hilton's Sex Tape Another Princess Passes Validate my RSS feed GeoURL - Find My Neighbors Office of the National Counterintelligence Executive Giganews Free 5-day Trial National ZIP Code Browser and Lookup The Hitchhiker's Guide to the Galaxy Coupon-Codes.Net Doom9.net mobile17 - Free Ringtone Converter Georgia Tech Information Security Center CyberCrime Summit 2006 Images here, images there, images everywhere Ports Database FrozenTech's LiveCD List Tools -- TechnicalInfo.net Airfarewatchdog.com Linux Magazine's Tip of the Day Falling Sand Game Motivator: Inspire! Motivate! Mock! Oh My Proxy! - Free Anonymous Browsing and Web Proxy White Hat Links All Net Tools - Tool Box - Network BiDiBLAH Browser Security Test CERT Coordination Center Cellular/Mobile Phone Forensics Center for Internet Security CipherTrust - Zombie Statistics DNS Report DNS Stuff FAQ: Firewall Forensics (What am I seeing?) Foundstone Free Tools How to Report Internet-Related Crime Internet Crime Prevention and Control Institute Key Recovery Utilities and Resources Micromuse: NETCOOL/NEUSECURE Network Chemistry - Packetyzer and BlueScanner Network Situational Awareness (NetSA) Open Web Application Security Project (OWASP) Qualys Free Network Security Scanner : Free Security Scan SANS Institute SpamBayes: Windows platform Sys-Security Group The Spamhaus Project - DROP WLSec - Wireless LAN Security Framework Wikto Web Assessment Tool trifinite.org - Bluetooth Security Black Hat Links AccessDiver AntiOnline Astalavista Security Group BLACKLISTED411.COM Crackspider.net! Firewalk IE Exploits InfoHacking John the Ripper password cracker MegaSecurity.org Mezcal :: HTTP request brute force tool Nomad Mobile Research Centre (NMRC) Nomad Mobile Research Centre (NMRC) Password Recovery Software SnadBoy Software Spectorsoft - Netbus Keylogger TheBUGS.ws Tutorials - Rexploit WT: Odysseus Whoppix and WHAX demos hping security tool j0hnny's Google Hacks Database oxid.it Friends Avenir - The Writer's Workshop Dagmar d'Surreal Day in the life of a DJ named ... DougMcClure.net Ex Nihilo Nihil Fit Flickr: Photos from joethepeacock Icarus Rising Keith Landers Royal Classic Jams Short sighted gluttony Spontaneous Sociability and The Enthymeme TankByte The Security Samurai Trekking Through The Uncanny Valley Washburn's World pictures from a robot Alexa Traffic Counter Feed Map Technocrati Chart Posts that contain "Lazy Genius" per day for the last 60 days.

Get your own chart!