[56823] in North American Network Operators' Group
Re: OpenSSL
daemon@ATHENA.MIT.EDU (alex@yuriev.com)
Tue Mar 18 10:37:18 2003
Date: Tue, 18 Mar 2003 10:36:48 -0500 (EST)
From: alex@yuriev.com
To: nanog@merit.edu
In-Reply-To: <02c001c2ed60$734b4030$932a40c1@PHE>
Errors-To: owner-nanog-outgoing@merit.edu
> > While the timing attack is the attack against the SSL server, it is my
> > reading of the paper that the attacks' success largely depends on abili=
ty to
> > tightly control the time it takes to communicate with a service using S=
SL.
> > Currently, such control is rather difficult to achive on links other th=
an
> > ethernet.
> >
> Doesn=B4t MPLS provide consistent delay and minimal jitter and thus SSL
> servers connected to MPLS networks are more suspectible to attack?
Have you seen MPLS cards for servers being widely deployed? :)=20
The smaller the number of router(s) sitting between attacker and the target=
,
the closer attacker can control the timing.
Alex
