On Wed, 13 Apr 2011, Marsh Ray wrote: > Only in cases where the element is found though, the last bit only needs > to be checked if all the preceding bits matched. In the normal > (non-attack) case the "s3r34l number" isn't found.
It depends on whether one talks about the worst-case complexity or about the average-case complexity. Anyway, there is much more computation beyond the mere blacklist search: it is necessary to receive the certificate from the network (all bits must be read on order to complete the handshake) and to verify its digital signature (all bits must be hashed) or to find it in some kind of cache of verified certs (a positive result is needed here, therefore all bits must be checked and match). -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21st century edition / _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
