Tag: timing attack
-
Hacker News: Constant-Time Code: The Pessimist Case [pdf]
Source URL: https://eprint.iacr.org/2025/435.pdf Source: Hacker News Title: Constant-Time Code: The Pessimist Case [pdf] Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the challenges and pessimistic outlook surrounding the implementation of constant-time coding in cryptographic software, especially in the light of modern compiler optimization techniques and the increasing complexity of CPU architectures.…
-
Hacker News: Constant-time coding will soon become infeasible
Source URL: https://eprint.iacr.org/2025/435 Source: Hacker News Title: Constant-time coding will soon become infeasible Feedly Summary: Comments AI Summary and Description: Yes Summary: This paper discusses the challenges and shortcomings associated with writing secure cryptographic software that is free from timing-based side-channels. It presents a pessimistic view on the feasibility of constant-time coding, suggesting that failures…
-
Hacker News: Fun with Timing Attacks
Source URL: https://ostro.ws/post-timing-attacks Source: Hacker News Title: Fun with Timing Attacks Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides an in-depth examination of a potential vulnerability within a simple JavaScript function used to compare user input against a secret value. It emphasizes how timing attacks can exploit non-constant-time comparison functions like…
-
Hacker News: Uncovering Real GPU NoC Characteristics: Implications on Interconnect Arch.
Source URL: https://people.ece.ubc.ca/aamodt/publications/papers/realgpu-noc.micro2024.pdf Source: Hacker News Title: Uncovering Real GPU NoC Characteristics: Implications on Interconnect Arch. Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed examination of the Network-on-Chip (NoC) architecture in modern GPUs, particularly analyzing interconnect latency and bandwidth across different generations of NVIDIA GPUs. It discusses the implications…
-
MCP Server Cloud – The Model Context Protocol Server Directory: Slowtime MCP Server – MCP Server Integration
Source URL: https://mcpserver.cloud/server/slowtime-mcp-server Source: MCP Server Cloud – The Model Context Protocol Server Directory Title: Slowtime MCP Server – MCP Server Integration Feedly Summary: AI Summary and Description: Yes **Summary:** The text outlines the architecture and functionality of the Slowtime MCP Server, which utilizes a Model Context Protocol for secure time-based operations, highlighting its features…
-
Hacker News: Double-keyed caching: Browser cache partitioning
Source URL: https://addyosmani.com/blog/double-keyed-caching/ Source: Hacker News Title: Double-keyed caching: Browser cache partitioning Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the transition from traditional web caching models to Double-keyed Caching due to privacy concerns. This change fundamentally alters resource retrieval and storage in browsers, impacting performance and impacting web architecture strategies.…
-
Hacker News: Listen to the whispers: web timing attacks that work
Source URL: https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work Source: Hacker News Title: Listen to the whispers: web timing attacks that work Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text introduces novel web timing attack techniques capable of breaching server security by exposing hidden vulnerabilities, misconfigurations, and attack surfaces more effectively than previous methods. It emphasizes the practical…
-
Wired: YubiKeys Are a Security Gold Standard—but They Can Be Cloned
Source URL: https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/ Source: Wired Title: YubiKeys Are a Security Gold Standard—but They Can Be Cloned Feedly Summary: Security researchers have discovered a cryptographic flaw that leaves the YubiKey 5 vulnerable to attack. AI Summary and Description: Yes Summary: The text discusses a critical vulnerability in the YubiKey 5 hardware token due to a side-channel…