On Jul 26, 2010, at 10:28 AM, Neil Schemenauer wrote: > On Mon, Jul 26, 2010 at 10:08:18AM -0400, Binger David wrote: >> What if hash lookup failures do no return until they have completed >> a randomized time-obscuring operation? > > That makes the attack more difficult (more attempts needed) but > doesn't prevent it.
Okay, what if the algorithm ensures that some fixed amount of time passes for hash lookup failures? record time try lookup if fail, sleep until time + 1s _______________________________________________ Quixote-users mailing list [email protected] http://mail.mems-exchange.org/mailman/listinfo/quixote-users
