[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes for SSTC Telecon (18 Oct 2011)
On 10/24/11 3:56 AM, "Massimiliano Masi" <massimiliano.masi@tiani-spirit.com> wrote: >>Unfortunately it's not just error messages (that's easy to prevent), it's >> also a timing attack. >> > >Yes, that's true. But these attacks are really hard to prevent, AFAIK. That doesn't make them any less relevant. > >Most of the attacks to crypto systems based on oracles, are suffering >from timing problems. Do you think that the paper from Bochum is >suggesting >timing attacks of another kind? No, but there are workarounds that prevent this specific problem that SAML can encourage. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]