[Haskell-cafe] Tor project
Wojtek Narczyński
wojtek at power.com.pl
Thu Jul 31 21:11:05 UTC 2014
On 31.07.2014 18:59, Adam Wick wrote:
> As for TLS, it is possible that timing attacks based on a functional language implementation could be more likely than those for a traditional C implementation. (...) I don’t believe the balance has been studied, but it’d be interesting.
>
I believe no evidence is available, not even anecdotal. And it would be
rather expensive a subject to study.
But, AFAIK, the (necessary and sufficient) protection against timing
attacks is the addition of randomized waits. In the protocol layer, not
in pure encryption/decryption/hashing routines. I strive not to use
words I don't understand, but I have the M. word in mind for structuring
such a computation.
In other words, I think it is a myth.
--
Kind regards,
Wojtek N.
More information about the Haskell-Cafe
mailing list