User: Password:
|
|
Subscribe / Log in / New account

Security quotes of the week

Security quotes of the week

Posted Oct 25, 2012 15:43 UTC (Thu) by wahern (subscriber, #37304)
In reply to: Security quotes of the week by tpo
Parent article: Security quotes of the week

Also, FWIW, newer Intel and AMD chips have instructions for implementing GCM in hardware.


(Log in to post comments)

Security quotes of the week

Posted Oct 25, 2012 18:04 UTC (Thu) by tpo (subscriber, #25713) [Link]

> FWIW, newer Intel and AMD chips have instructions for implementing GCM in hardware.

As far as I understand Langley's article GCM is only one part of the problem. Is the other part of the problem also resolved by those machine instructions?

In case it would be, would that mean that as long as your SW runs on "newer" machines and actually uses those instructions for AES, you're safe and protected against known sidechannel attacks in software?

Also, as far as I understood OpenSSL is *still* doing table lookups but have reduced the table sizes so as not to cause that much cache churn. Would that have made the attack harder or impossible? Harder by several orders of magnitude or by several factors?

And what about the current typical SW stack? If I do a "cat /proc/memory | grep AES", how many of the typical processes running there actually use safe AES implementations? Does the kernel?

Security quotes of the week

Posted Oct 25, 2012 20:48 UTC (Thu) by wahern (subscriber, #37304) [Link]

All of those concerns--if borne out--fall short of security theater. OpenSSL probably still has buffer overflows, like most other complex crypto stacks, lurking somewhere. Granted, that's different than the timing attacks, which arguably could be considered design flaws in the algorithm. But none of those mean that they're unusable, they're just far from perfect.

On the other hand, the process of checking people's shoes at the airport isn't merely suboptimal. It's not like we're doing it wrong. It's that we have no evidence its worthwhile at all, and it may even be counterproductive. It's a stretch to argue that ripping out AES and similar algorithms would improve the state of network security.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds