OK, I'll move this out of the "if you can do a lot of replays" section.

On Mon, Jun 26, 2017 at 10:25 AM, Colm MacCárthaigh <c...@allcosts.net>
wrote:

>
>
> On Sun, Jun 25, 2017 at 11:43 PM, Ilari Liusvaara <
> ilariliusva...@welho.com> wrote:
>
>> I understood that the cache probing attack requires far fewer replays
>> than the other side-channel ones. And furthermore, distributing the
>> replays among zones makes the attack easier (because replay with the
>> cached data hot doesn't tell that much).
>>
>
> In practice with real-world HTTP caches, one replay is often sufficient.
> That's because in addition to the faster load time you can look at the
> cache headers (like max-age) to pinpoint that it was the replay that put
> the item in the cache. This would work with DNS too, where TTL or RRSET
> cycling leaks more information in the same way.
>
> Using more zones does help, and if the attacker were targeting a busy
> cache, then it can certainly help to weed out the noise and increase the
> likelihood of finding a zone/node where the cache is empty to begin with.
>
> --
> Colm
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
