This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Network Service Authentication Timing Attacks
March-April 2013 (vol. 11 no. 2)
pp. 80-82
Adrian Hayes, Security-Assessment.com
The common wisdom is that string comparison timing attacks against a hashed password are impossible. However, these attacks can still be effective if attackers give up on the ideal of stealing all the characters representing the user's password or the entire hash.
Index Terms:
Network security,Computer security,Authentication,Access control,computer security,network service authentication timing attacks,SHA-1,timing attacks,hash functions,side-channel attacks
Citation:
Adrian Hayes, "Network Service Authentication Timing Attacks," IEEE Security & Privacy, vol. 11, no. 2, pp. 80-82, March-April 2013, doi:10.1109/MSP.2013.39
Usage of this product signifies your acceptance of the Terms of Use.