Bugtraq mailing list archives
Re: Algorimic Complexity Attacks
From: Nicholas Weaver <nweaver () CS berkeley edu>
Date: Sun, 8 Jun 2003 10:22:35 -0700
On Sun, Jun 08, 2003 at 06:17:38PM +0200, Pavel Kankovsky composed:
We need a function having a (relatively) small set of results in order to build a hash table. We can also assume the information about collisions leaks out via a timing channel. Ergo, a persistent attacker can find enough collisions by trial and error.
IF the hash is good, FINDING collisions doesn't necessarily help the attacker, as the attacker really needs to generate lots of collisions to make the searches O(n) instead of O(1), since that is teh key behind this attack. -- Nicholas C. Weaver nweaver () cs berkeley edu
Current thread:
- Re: Algorimic Complexity Attacks Solar Designer (Jun 01)
- Re: Algorimic Complexity Attacks Pavel Kankovsky (Jun 07)
- Re: Algorimic Complexity Attacks Nicholas Weaver (Jun 07)
- Re: Algorimic Complexity Attacks Pavel Kankovsky (Jun 09)
- Re: Algorimic Complexity Attacks Nicholas Weaver (Jun 09)
- Re: Algorimic Complexity Attacks Pavel Kankovsky (Jun 23)
- Re: Algorimic Complexity Attacks Götz Babin-Ebell (Jun 24)
- Re: Algorimic Complexity Attacks Nicholas Weaver (Jun 07)
- Re: Algorimic Complexity Attacks Pavel Kankovsky (Jun 07)