Andrew P. Lentvorski, Jr. wrote: > > However, I seem to recall that there were some exploits that used the > speed of a hashing function to mount an attack ie. the speed of the > hashing function was dependent upon the data input. By sending > carefully crafted messages, an attacker could actually retrieve key > information somehow. Please don't ask me for a reference, as I would > include it in this email if I had it handy.
http://cops.csci.unt.edu/sciss/2004/02/ = Comparing the limits of these attacks with the processing time of = strcmp(), we have concluded that the hash table attack is not = practical. -john -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
