Re: Random delay as a countermeasure to timing attacks

David Wagner wrote:
One possible hypothesis:
- the signal has a Gaussian distribution,
- the noise (the delay you add, plus any other random noise)
has a Gaussian distribution, and
- all of these contributions are independent.
Then it's easy to see that the S/N ratio goes up linearly
with the standard deviation of the noise, and goes down
proportional to the square root of the number of measurements,
leading to your desired result.

Oops, I think I meant that the signal is 0 or 1
(has a Bernoulli distribution). That's the simplest case,
because then you are just distinguishing between two
distributions: X and 1+X, where X ~ N(\mu,\sigma^2) for
some values of \mu,\sigma. You should be able to compute
the variation distance between these two distributions (as
a function of \sigma) using calculus, and I believe you'll
find that you need \sigma ~ 1 to have some non-negligible
chance of distinguishing. (If \sigma << 1, you're out of luck.)