General Information

Remote Timing Attack

Variants:
Direct 

Also Known As:
Cache-timing Attack - Cryptography Variant, Remote side channel attack

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Input Validation, String Comparison

Invented In:
14/04/2005

Added In:
29/12/2014


Vector Operation Method:
Remotely enumerate strings by intentionally sending overly long inputs with potentially valid characters in order.


Direct Variant:

Remote Timing Attack

Variant Title:
Remote Timing Attack

Typical Severity:
Medium

Learn More: