> > While the timing attack is the attack against the SSL server, it is my > > reading of the paper that the attacks' success largely depends on ability to > > tightly control the time it takes to communicate with a service using SSL. > > Currently, such control is rather difficult to achive on links other than > > ethernet. > > > Doesn�t MPLS provide consistent delay and minimal jitter and thus SSL > servers connected to MPLS networks are more suspectible to attack?
Have you seen MPLS cards for servers being widely deployed? :) The smaller the number of router(s) sitting between attacker and the target, the closer attacker can control the timing. Alex
