undefined | Better HN

0 pointsbee_rider3y ago0 comments

I'm not sure I follow this comment.

Adding a random amount of time seems like a reasonable thing to do.

Not sure what the links are all about, or the discussion of time complexity... I mean, there isn't an "input size" to talk about big-O scaling anyway, in the case of sudo.

0 comments

westurner3y ago

Should the time to complete the (single-character) password-hashing/key-strengthening routine vary in relation to any aspect of the input ?

Timing attacks > Avoidance https://en.wikipedia.org/wiki/Timing_attack

j / k navigate · click thread line to collapse