ircmaxell's Blog
  • Home
  • GitHub
  • Resume
Word of Forks
Home GitHub Resume

It's All About Time

Nov 28, 2014
Security

An interesting pull request has been opened against PHP to make bin2hex() constant time. This has lead to some interesting discussion on the mailing list (which even got me to reply :-X). There has been pretty good coverage over remote timing attacks in PHP, but they talk about string comparison. I’d like to talk about other types of timing attacks.

Read More
PHP Programming Security PHP-Internals Timing-Attack
Anthony Ferrara
Technologist, leader and purveyor of rants. All opinions my own.
Email
blog@ircmaxell.com
Resume
On GitHub
GitHub
ircmaxell
Twitter
@ircmaxell
YouTube
ircmaxell
LinkedIn
ircmaxell
If you're using an adblocker, please consider supporting this site via Patreon or PayPal
Categories
  • Architecture
    14
  • Community
    1
  • Hobby
    2
  • Home Networking
    1
  • Meta
    20
  • Open Source
    5
  • Other
    3
  • PHP
    13
  • Performance
    1
  • Process
    1
  • Programming
    23
  • Rant
    14
  • Security
    25
  • Slides
    15
  • Testing
    2
  • Video
    12
Tags
8-bit Computer API Agile Analysis Anatomy of an Attack Answers Anti-Paradigm Anti-Pattern Architecture Arduino Autoloading BCrypt Best Practice Beyond Books Build CSRF Career Change Closures Code Review Comments Community Compiler Composition Computer Conference CryptLib Cryptography Data Structures Database Dependency Injection Design Design Patterns Disclosure Drupal Economics Education Email Response Engineering Events Exceptions External-Post Forward Compatibility Framework Functional Programming Generators Global Variables Good Enough Google Glass HHVM Hardware Hobby Home IT Inconsistencies Internet Interviews Iterators Javascript Jenkins JitFu Language Agnostic Language-Design Large Scale Applications Learning Lexer Library Logic Logic Gates MVC Mathematics Meta Micro Framework Middleware Monads Networking Object Oriented Programming Open Source Open Standards Optimization PHP PHP Source Code For PHP Developers Series PHP-FIG PHP-Internals PHP-Versions Parser Passion Password-Hashing PasswordLib Performance Philosophy Presentation Procedural Programming Programming Programming With Anthony Promise Radix Tree Rainbow Table Random Rant Recki-CT Response Responsive Design Review Routing Ruby Ruby-On-Rails SQL Injection Scalar Scrum Security Sexism Silly Slides StackOverflow Templates Thoughts Timing-Attack Traits Trie Trolls Trust Types Unit Testing Video WTF Web Application Security Series Web Design Weird Behavior Wiring WordPress Work XSS Year In Review libgccjit libjit llvm
Copyright ©2011-2023 Anthony Ferrara, all rights reserved.