|
|
|
|
|
|
by jpab
2145 days ago
|
|
|
Unless it's also a non-cryptographic hash then I don't see how a timing attack does anything interesting here. Timing will potentially tell you how many bytes of the hash match. But finding a password that produces a hash that matches the first N bytes does not help you find a password that matches the N+1th byte, so you're still just left with a brute force attack. What am I missing? (Genuinely curious - I'm not a crypto expert) |
|
|