On Sun, Jun 25, 2017 at 11:43 PM, Ilari Liusvaara <ilariliusva...@welho.com>
wrote:

> I understood that the cache probing attack requires far fewer replays
> than the other side-channel ones. And furthermore, distributing the
> replays among zones makes the attack easier (because replay with the
> cached data hot doesn't tell that much).
>

In practice, with real-world HTTP caches, one replay is often sufficient.
That's because in addition to the faster load time you can look at the
cache headers (like max-age) to pinpoint that it was the replay that put
the item in the cache. This would work with DNS too, where TTL or RRSET
cycling leaks more information in the same way.

Using more zones does help, and if the attacker were targeting a busy
cache, then it can certainly help to weed out the noise and increase the
likelihood of finding a zone/node where the cache is empty to begin with.

-- 
Colm
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
