OpenSSL

• Previous message (by thread): OpenSSL
• Next message (by thread): OpenSSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > While the timing attack is the attack against the SSL server, it is my
> > reading of the paper that the attacks' success largely depends on ability to
> > tightly control the time it takes to communicate with a service using SSL.
> > Currently, such control is rather difficult to achive on links other than
> > ethernet.
> >
> Doesn´t MPLS provide consistent delay and minimal jitter and thus SSL
> servers connected to MPLS networks are more suspectible to attack?

Have you seen MPLS cards for servers being widely deployed?  :) 
The smaller the number of router(s) sitting between attacker and the target,
the closer attacker can control the timing.

Alex

• Previous message (by thread): OpenSSL
• Next message (by thread): OpenSSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]