[转载]Remote Timing Attacks are Practical
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore security systems should defend against them.
页:
[1]