Re: Proposed text to add to security considerations

Thanks Hal

I understand the intent of the last sentence but wonder whether rather than "generate alerts" it might be better to say stop processing requests from that origin?

Otherwise I think this is good and I think we should incorporate into XML Encryption 1.1 editors draft.

regards, Frederick

Frederick Hirsch
Nokia



On Aug 16, 2011, at 11:53 AM, ext Hal Lockhart wrote:

> Here is what I had in mind.
> 
> 6.7 Timing Attacks
> 
> It has been known for some time that it is feasible for an attacker to recover keys or cleartext by repeatedly sending chosen ciphertext and measuring the time required to process different requests with different types of errors. It has been demonstrated that attacks of this type are practical even when communicating over large and busy networks, especially if the receiver is willing to process large blocks of ciphertext. 
> 
> Implementers SHOULD ensure that distinct errors detected during security algorithm processing do not consume systematically different amounts of processing time from each other. Implementers SHOULD consult the technical literature for more details on specific attacks and recommended countermeasures.
> 
> Deployments SHOULD generate alerts when a large number of security algorithm processing errors are detected within a short period of time, especially in messages from the same origin.
> 
> 
> 
> Hal
> 

Received on Tuesday, 16 August 2011 16:00:13 UTC