top | item 9727817 (no title) Nogwater | 10 years ago What if they hack your dropbox account and get a copy of the vault that way? They're not on your box, but now they can try to break into your vault. discuss order hn newest gnud|10 years ago Well, the decryption code is open source. And they have the ciphertext. So what does a timing attack give the attacker?If keeppass removes the possible timing attack, the attacker could just add it back in and use their own client, if they have a copy of your database. imglorp|10 years ago Then a timing side channel is not relevant, because they won't be watching you operate the vault. Right?
gnud|10 years ago Well, the decryption code is open source. And they have the ciphertext. So what does a timing attack give the attacker?If keeppass removes the possible timing attack, the attacker could just add it back in and use their own client, if they have a copy of your database.
imglorp|10 years ago Then a timing side channel is not relevant, because they won't be watching you operate the vault. Right?
gnud|10 years ago
If keeppass removes the possible timing attack, the attacker could just add it back in and use their own client, if they have a copy of your database.
imglorp|10 years ago