Scheduled System Maintenance:
On May 6th, single article purchases and IEEE account management will be unavailable from 8:00 AM - 5:00 PM ET (12:00 - 21:00 UTC). We apologize for the inconvenience.
By Topic

Network Service Authentication Timing Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
1 Author(s)

The common wisdom is that string comparison timing attacks against a hashed password are impossible. However, these attacks can still be effective if attackers give up on the ideal of stealing all the characters representing the user's password or the entire hash.

Published in:

Security & Privacy, IEEE  (Volume:11 ,  Issue: 2 )