[security] Widespread Timing Vulnerabilities in OpenID implementations
Eric Norman
ejnorman at doit.wisc.edu
Wed Jul 14 06:12:56 UTC 2010
If I understand the alleged attack correctly, it depends on the timing difference if a standard
byte sequence comparison is "optimized" by exiting as soon as two bytes differ.
Has code been written that actually demonstrates that this can be effective? That is, has code
been written to demonstrate that the time to execute, for instance, about two instructions
between failure of the byte comparison at the first byte and failure at the second byte can
actually be detected over a network?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2090 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20100714/02fac522/attachment.bin>
More information about the security
mailing list