Remote timing attacks are practical
Results 1 to 2 of 2

Thread: Remote timing attacks are practical

  1. #1
    Member
    Join Date
    Nov 2002
    Posts
    32

    Exclamation Remote timing attacks are practical

    Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore all security systems should defend against them.

    http://crypto.stanford.edu/~dabo/abs...sl-timing.html
    ISS you are the besthttp://www.issadvisor.com/images/personal/pisson.gifbecause you piss on the rest

    [gloworange]www.issadvisor.com [/gloworange]

  2. #2
    Member
    Join Date
    Nov 2002
    Posts
    32

    Exclamation Remote timing attacks are practical

    Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore all security systems should defend against them.

    http://crypto.stanford.edu/~dabo/abs...sl-timing.html
    ISS you are the besthttp://www.issadvisor.com/images/personal/pisson.gifbecause you piss on the rest

    [gloworange]www.issadvisor.com [/gloworange]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides