18 Mar
2003
18 Mar
'03
10:36 a.m.
While the timing attack is the attack against the SSL server, it is my reading of the paper that the attacks' success largely depends on ability to tightly control the time it takes to communicate with a service using SSL. Currently, such control is rather difficult to achive on links other than ethernet.
Doesn�t MPLS provide consistent delay and minimal jitter and thus SSL servers connected to MPLS networks are more suspectible to attack?
Have you seen MPLS cards for servers being widely deployed? :) The smaller the number of router(s) sitting between attacker and the target, the closer attacker can control the timing. Alex