Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add description of various timer related vulnerabilities to the security and privacy sections #102

Open
yoavweiss opened this issue Oct 6, 2020 · 1 comment
Open

Add description of various timer related vulnerabilities to the security and privacy sections #102

yoavweiss opened this issue Oct 6, 2020 · 1 comment
Assignees
@noamr
Labels
hackathon_2020

Comments

@yoavweiss
Copy link
Contributor

In #79 (comment) we outlined a bunch of timing related attacks, required granularity for them and potential mitigations. It might make sense to add relevant ones to the Security & Privacy sections, as examples implementers should be aware of.
@jyasskin
Copy link
Member

One particular attack: we should cite Fantastic Timers (https://gruss.cc/files/fantastictimers.pdf) and mention edge-based timing as a thing implementations should consider mitigating.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@noamr noamr

Labels
hackathon_2020
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jyasskin @noamr @yoavweiss