Re: [Quixote-users] Timing attacks against session cookies

Mon, 26 Jul 2010 07:30:12 -0700 

On Mon, Jul 26, 2010 at 10:08:18AM -0400, Binger David wrote:
> What if hash lookup failures do no return until they have completed
> a randomized time-obscuring operation?

That makes the attack more difficult (more attempts needed) but
doesn't prevent it.

  Neil
_______________________________________________
Quixote-users mailing list
[email protected]
http://mail.mems-exchange.org/mailman/listinfo/quixote-users

Reply via email to