Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
5 check-ins for the month beginning 2011-10-01 by user dmitry
Following month ↑|
2011-10-04
| ||
| 15:20 | Add HMAC-SHA1 implementation. Closed-Leaf check-in: dcee34b25f user: dmitry tags: multisession | |
| 15:15 | Merge protection against timing attacks into trunk. check-in: d4a341b49d user: dmitry tags: trunk | |
| 14:38 | Merge trunk into dmitry-security branch. Closed-Leaf check-in: f4eb0f5afc user: dmitry tags: dmitry-security | |
| 14:34 | Rename constant_time_eq to constant_time_cmp to better indicate that these functions return 0 when values are equal, like memcmp, strcmp, etc., not truth, to avoid possible mistakes. check-in: d244c484e7 user: dmitry tags: dmitry-security | |
| 14:28 |
Revert the previous change after thinking more about it.
Login cards in the sync protocol have the following format: login userid nonce signature Nonce is SHA-1 of the message that follows this line, signature is SHA-1 of the concatenation of the nonce and user's shared secret. The successful timing attack can reveal only signature for this p... check-in: 13a9a1244c user: dmitry tags: dmitry-security | |