Sponsor of the Day:
Jerkmate
https://paragonie.com/blog/2015/11/preventing-timing-attacks-on-string-comparison-with-double-hmac-strategy
Preventing Timing Attacks on String Comparison with a Double HMAC Strategy - Paragon Initiative...
Preventing side-channel attacks (i.e. timing attacks on MAC validation) and dangerous compiler optimizations with a blinded comparison.
timing attacksstring comparisonpreventingdoublehmac
https://tom.vg/2016/08/browser-based-timing-attacks/
Timing Attacks in the Modern Web - tom.vg
timing attacksmodern webtom vg
https://www.usenix.org/conference/12th-usenix-security-symposium/remote-timing-attacks-are-practical
Remote Timing Attacks Are Practical | USENIX
timing attacksremotepracticalusenix
https://bugzilla.mozilla.org/show_bug.cgi?id=577498
577498 - Server side of TLS RSA key exchange is vulnerable to timing attacks
RESOLVED (nobody) in NSS - Libraries. Last updated 2020-07-02.
server sidersa keytiming attackstlsexchange
https://www.sjoerdlangkemper.nl/2016/04/21/combining-csrf-with-timing-attacks/
Combining CSRF and timing attacks
In a CSRF attack it is typically not possible for the attacker to retrieve the result of the forged requests. In this post we show that by measuring the time...
timing attackscombiningcsrf
https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/vila
Loophole: Timing Attacks on Shared Event Loops in Chrome | USENIX
timing attacksevent loopsloopholesharedchrome
https://arxiv.org/abs/1706.06381
[1706.06381] KeyDrown: Eliminating Keystroke Timing Side-Channel Attacks
Abstract page for arXiv paper 1706.06381: KeyDrown: Eliminating Keystroke Timing Side-Channel Attacks
side channel attacks1706eliminatingkeystroketiming