> Without even looking at the stuff, let me throw in the air a TSCM-relevant
> aspect of crypto most people haven't seriously thought about, with my guess
> being that they haven't either: code timing attacks. In real time
> communication those are particularly insidious, because they can be evoked
> with very little interfering energy, and are prone to leading to
> retransmissions which involve the cryptographic circuitry/code.
We also should not forget a possible point of compromise: the random
number generator itself.
http://en.wikipedia.org/wiki/Random_number_generator_attack
http://en.wikipedia.org/wiki/CryptGenRandom
An important concept somewhat related to other sub-topic of this thread is
deniable encryption.
http://en.wikipedia.org/wiki/Deniable_encryption
Received on Sat Mar 02 2024 - 00:57:25 CST