Eric Norman wrote: > If I understand the alleged attack correctly, it depends on the timing > difference if a standard > byte sequence comparison is "optimized" by exiting as soon as two bytes > differ.
I suggest you read the references linked from the original post. In particular, "Opportunities and limits of remote timing attacks" by Crosby et al. http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.65.9811 Their result was around 20 microseconds of visibility over the WAN and 100 nanoseconds on the LAN. We wouldn't be publishing our own work if we hadn't been able to do at least that well, right? You'll have to wait for the actual numbers though. Our talk will cover exactly how different languages are vulnerable to this attack from the various vantage points. BTW, with providers like Amazon AWS and Slicehost, you have to assume an attacker has a LAN-equivalent vantage point. So you've needed to protect against at least 100 ns distinguishability for several years now. I wouldn't take that bet on behalf of my users. I'd just fix the code. -- Nate Lawson Root Labs :: www.rootlabs.com +1 (510) 595-9505 / (415) 305-5638 mobile Solving embedded security, kernel and crypto challenges _______________________________________________ security mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-security
