[Haskell-cafe] Tor project

Wojtek Narczyński wojtek at power.com.pl
Thu Jul 31 21:11:05 UTC 2014

On 31.07.2014 18:59, Adam Wick wrote:
> As for TLS, it is possible that timing attacks based on a functional language implementation could be more likely than those for a traditional C implementation. (...) I don’t believe the balance has been studied, but it’d be interesting.
I believe no evidence is available, not even anecdotal. And it would be 
rather expensive a subject to study.

But, AFAIK, the (necessary and sufficient) protection against timing 
attacks is the addition of randomized waits. In the protocol layer, not 
in pure encryption/decryption/hashing routines. I strive not to use 
words I don't understand, but I have the M. word in mind for structuring 
such a computation.

In other words, I think it is a myth.

Kind regards,
Wojtek N.

More information about the Haskell-Cafe mailing list