[Haskell-cafe] Tor project

Friedrich Wiemer friedrichwiemer at gmail.com
Fri Aug 1 06:59:20 UTC 2014


A comparison would be interesting though. I'm aware of constant time
implementations of cryptographic functions to reduce timing issues, but
these are often coded in C or ASM - I have no clue if this would be
possible in a functional language, as the compiler has to know not to
optimize for shortcuts or anything in the code?

On 08/01/2014 02:05 AM, Dario Bertini wrote:
> On Thu, Jul 31, 2014 at 2:11 PM, Wojtek Narczyński <wojtek at power.com.pl> wrote:
>> But, AFAIK, the (necessary and sufficient) protection against timing attacks
>> is the addition of randomized waits. In the protocol layer, not in pure
>> encryption/decryption/hashing routines.
> 
> I agree that we don't have a lot of evidence for/against timing
> attacks in functional languages (that I know of).
> 
> But adding a randomized delay never seemed the correct solution to me
> (granted, I had the luck to never have to write code sensitive to such
> issues, and I never wrote a timing attack exploit either), I don't
> think that doing it in the protocol layer makes it neither necessary
> nor sufficient.
> 
> http://rdist.root.org/2010/01/07/timing-independent-array-comparison/
> 
> This explains the pitfalls in some possible timing attack misconceptions
> 
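
Added example, not part of the original thread or of the linked article: a C sketch of the two comparison styles the messages above contrast, an early-exit comparison and a timing-independent one. The names (struct cmp, leaky_equal, ct_equal) and the sample bytes are constructed for illustration, and the step counter is a stand-in for elapsed time.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct cmp { int equal; size_t steps; };   /* steps = bytes examined */

/* Early-exit comparison: returns at the first mismatch, so the amount of
 * work depends on how many leading bytes of the guess are correct. */
static struct cmp leaky_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    struct cmp r = { 1, 0 };
    for (size_t i = 0; i < n; i++) {
        r.steps++;
        if (a[i] != b[i]) { r.equal = 0; break; }
    }
    return r;
}

/* Timing-independent comparison: always reads all n bytes and ORs the
 * differences together; no branch depends on the data. The volatile
 * accumulator discourages the compiler from reintroducing a shortcut,
 * but the generated code still has to be inspected per compiler/target. */
static struct cmp ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    volatile uint8_t diff = 0;
    struct cmp r = { 0, 0 };
    for (size_t i = 0; i < n; i++) {
        r.steps++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    /* Branch-free map: diff == 0 -> 1, anything else -> 0. */
    r.equal = (int)(1u & (((uint32_t)diff - 1u) >> 8));
    return r;
}

/* Constructed sample data: an 8-byte tag and three candidate values. */
static const uint8_t TAG[8]   = {0xde,0xad,0xbe,0xef,0x01,0x02,0x03,0x04};
static const uint8_t MISS0[8] = {0x00,0xad,0xbe,0xef,0x01,0x02,0x03,0x04};
static const uint8_t MISS3[8] = {0xde,0xad,0xbe,0x00,0x01,0x02,0x03,0x04};
static const uint8_t MATCH[8] = {0xde,0xad,0xbe,0xef,0x01,0x02,0x03,0x04};

int main(void)
{
    const uint8_t *g[3] = { MISS0, MISS3, MATCH };
    for (int i = 0; i < 3; i++) {
        struct cmp l = leaky_equal(TAG, g[i], 8), c = ct_equal(TAG, g[i], 8);
        printf("candidate %d: early-exit equal=%d steps=%zu | "
               "constant equal=%d steps=%zu\n",
               i, l.equal, l.steps, c.equal, c.steps);
    }
    return 0;
}
```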
