Tag: timing attacks
-
Hacker News: Listen to the whispers: web timing attacks that work
Source URL: https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work Source: Hacker News Title: Listen to the whispers: web timing attacks that work Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text introduces novel web timing attack techniques capable of breaching server security by exposing hidden vulnerabilities, misconfigurations, and attack surfaces more effectively than previous methods. It emphasizes the practical…
-
Hacker News: The Cryptographic Doom Principle (2011)
Source URL: https://moxie.org/2011/12/13/the-cryptographic-doom-principle.html Source: Hacker News Title: The Cryptographic Doom Principle (2011) Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text presents the “Cryptographic Doom Principle,” emphasizing the vulnerabilities inherent in performing cryptographic operations before verifying Message Authentication Codes (MACs). Two key examples illustrate how this principle can lead to security breaches, including…