BugTraq
Algorimic Complexity Attacks May 29 2003 08:33PM
Scott A Crosby (scrosby cs rice edu) (1 replies)
Re: Algorimic Complexity Attacks May 31 2003 03:13AM
Solar Designer (solar openwall com) (1 replies)
Re: Algorimic Complexity Attacks Jun 07 2003 05:01PM
Pavel Kankovsky (peak argo troja mff cuni cz) (1 replies)
Re: Algorimic Complexity Attacks Jun 07 2003 07:35PM
Nicholas Weaver (nweaver CS berkeley edu) (1 replies)
Re: Algorimic Complexity Attacks Jun 08 2003 04:17PM
Pavel Kankovsky (peak argo troja mff cuni cz) (1 replies)
Re: Algorimic Complexity Attacks Jun 08 2003 05:22PM
Nicholas Weaver (nweaver CS berkeley edu) (2 replies)
On Sun, Jun 08, 2003 at 06:17:38PM +0200, Pavel Kankovsky composed:
>
> We need a function having a (relatively) small set of results in order to
> build a hash table. We can also assume the information about collisions
> leaks out via a timing channel. Ergo, a persistent attacker can find
> enough collisions by trial and error.

IF the hash is good, FINDING collisions doesn't necessarily help the
attacker, as the attacker really needs to generate lots of collisions
to make the searches O(n) instead of O(1), since that is teh key
behind this attack.

--
Nicholas C. Weaver nweaver (at) cs.berkeley (dot) edu [email concealed]

[ reply ]
Re: Algorimic Complexity Attacks Jun 24 2003 06:45PM
Götz Babin-Ebell (babin-ebell trustcenter de)
Re: Algorimic Complexity Attacks Jun 22 2003 10:31AM
Pavel Kankovsky (peak argo troja mff cuni cz)


 

Privacy Statement
Copyright 2010, SecurityFocus