
rand() produces linear distribution, which is uniform. Do I understand properly that rand() + rand() would return normal distribution, so #2, for which you can determine the non-uniformity?

What would be a proper first step to harden an API against timing attacks?




Adding any random noise, even perfect randomness, doesn't prevent the attack. It just means the attacker needs more samples.
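
The point in the comment above, as an added simulation that is not part of the original thread: a fixed secret-dependent delay survives averaging even when uniform random padding much larger than it is added to every response. The timing model and all of its constants are constructed assumptions, not measurements of any real API.

```python
import math
import random
import statistics

# Constructed timing model, not a real API: every value here is an assumption.
BASE_MS = 5.0     # fixed handling cost
DELTA_MS = 0.5    # extra cost on the secret-dependent slow path
NOISE_MS = 10.0   # uniform random delay added as a "defence", 20x the signal


def response_time(slow_path: bool, rng: random.Random) -> float:
    """One simulated response time in milliseconds."""
    leak = DELTA_MS if slow_path else 0.0
    return BASE_MS + leak + rng.uniform(0.0, NOISE_MS)


def mean_gap(n: int, seed: int) -> float:
    """Mean(slow) - mean(fast) over n samples per path; noise averages out."""
    rng = random.Random(seed)
    slow = statistics.fmean(response_time(True, rng) for _ in range(n))
    fast = statistics.fmean(response_time(False, rng) for _ in range(n))
    return slow - fast


def detection_rate(n: int, trials: int = 200) -> float:
    """Fraction of independent trials in which the slow path measures slower."""
    return sum(mean_gap(n, seed) > 0 for seed in range(trials)) / trials


def samples_needed(delta: float, noise: float, z: float = 3.0) -> int:
    """Samples per path for the gap to sit z standard errors above zero."""
    variance = noise ** 2 / 12          # variance of uniform(0, noise)
    # Standard error of the difference of two means is sqrt(2 * variance / n).
    return math.ceil(2 * z * z * variance / delta ** 2)


if __name__ == "__main__":
    for n in (10, 100, 600):
        print(f"n={n:4d}  slow path identified in {detection_rate(n):.0%} of trials")
    # Doubling the padding range quadruples the sample count, nothing more.
    print(samples_needed(DELTA_MS, NOISE_MS), samples_needed(DELTA_MS, 2 * NOISE_MS))
```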


rand() + rand() does not produce normal, but adding together a few thousand rands does start to approach it. Central limit theorem.


rand() + rand() does not give normal. If there is any statistical difference between the timings, it's in theory possible to break.

An easy mitigation would be to just drop the card number into a queue and process asynchronously without waiting and returning to the user.


Flood the queue with invalid numbers and timings can still be worked out.



