Tag: timing attacks
-
Hacker News: Constant-Time Code: The Pessimist Case [pdf]
Source URL: https://eprint.iacr.org/2025/435.pdf Source: Hacker News Title: Constant-Time Code: The Pessimist Case [pdf] Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the challenges and pessimistic outlook surrounding the implementation of constant-time coding in cryptographic software, especially in the light of modern compiler optimization techniques and the increasing complexity of CPU architectures.…
-
Hacker News: Constant-time coding will soon become infeasible
Source URL: https://eprint.iacr.org/2025/435 Source: Hacker News Title: Constant-time coding will soon become infeasible Feedly Summary: Comments AI Summary and Description: Yes Summary: This paper discusses the challenges and shortcomings associated with writing secure cryptographic software that is free from timing-based side-channels. It presents a pessimistic view on the feasibility of constant-time coding, suggesting that failures…
-
Hacker News: Fun with Timing Attacks
Source URL: https://ostro.ws/post-timing-attacks Source: Hacker News Title: Fun with Timing Attacks Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides an in-depth examination of a potential vulnerability within a simple JavaScript function used to compare user input against a secret value. It emphasizes how timing attacks can exploit non-constant-time comparison functions like…
-
Hacker News: Uncovering Real GPU NoC Characteristics: Implications on Interconnect Arch.
Source URL: https://people.ece.ubc.ca/aamodt/publications/papers/realgpu-noc.micro2024.pdf Source: Hacker News Title: Uncovering Real GPU NoC Characteristics: Implications on Interconnect Arch. Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed examination of the Network-on-Chip (NoC) architecture in modern GPUs, particularly analyzing interconnect latency and bandwidth across different generations of NVIDIA GPUs. It discusses the implications…
-
MCP Server Cloud – The Model Context Protocol Server Directory: Slowtime MCP Server – MCP Server Integration
Source URL: https://mcpserver.cloud/server/slowtime-mcp-server Source: MCP Server Cloud – The Model Context Protocol Server Directory Title: Slowtime MCP Server – MCP Server Integration Feedly Summary: AI Summary and Description: Yes **Summary:** The text outlines the architecture and functionality of the Slowtime MCP Server, which utilizes a Model Context Protocol for secure time-based operations, highlighting its features…
-
Hacker News: Double-keyed caching: Browser cache partitioning
Source URL: https://addyosmani.com/blog/double-keyed-caching/ Source: Hacker News Title: Double-keyed caching: Browser cache partitioning Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the transition from traditional web caching models to Double-keyed Caching due to privacy concerns. This change fundamentally alters resource retrieval and storage in browsers, impacting performance and impacting web architecture strategies.…
-
Hacker News: Listen to the whispers: web timing attacks that work
Source URL: https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work Source: Hacker News Title: Listen to the whispers: web timing attacks that work Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text introduces novel web timing attack techniques capable of breaching server security by exposing hidden vulnerabilities, misconfigurations, and attack surfaces more effectively than previous methods. It emphasizes the practical…
-
Hacker News: The Cryptographic Doom Principle (2011)
Source URL: https://moxie.org/2011/12/13/the-cryptographic-doom-principle.html Source: Hacker News Title: The Cryptographic Doom Principle (2011) Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text presents the “Cryptographic Doom Principle,” emphasizing the vulnerabilities inherent in performing cryptographic operations before verifying Message Authentication Codes (MACs). Two key examples illustrate how this principle can lead to security breaches, including…