The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - March-April (2013 vol.11)
pp: 80-82
Adrian Hayes , Security-Assessment.com
ABSTRACT
The common wisdom is that string comparison timing attacks against a hashed password are impossible. However, these attacks can still be effective if attackers give up on the ideal of stealing all the characters representing the user's password or the entire hash.
INDEX TERMS
Network security, Computer security, Authentication, Access control, computer security, network service authentication timing attacks, SHA-1, timing attacks, hash functions, side-channel attacks
CITATION
Adrian Hayes, "Network Service Authentication Timing Attacks", IEEE Security & Privacy, vol.11, no. 2, pp. 80-82, March-April 2013, doi:10.1109/MSP.2013.39
REFERENCES
1. S.A. Crosby, D.S. Wallach, and R.H. Riedi, "Opportunities and Limits of Remote Timing Attacks," ACM Trans. Information and System Security, vol. 12, no. 3, 2009, article 17.
5 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool