

Timing attack on Arduino - epsylon
http://eax64.github.io/2015/04/10/timing-attack-on-arduino.html

======
edude03
While I realize this was an example of how side channel attacks work, timing
attack happen over and over again in the real world, for example back in 2008
the xbox 360 per console key could be recovered allowing downgrading to a
vulnerable kernel.

[http://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack](http://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack)

For the curious, the solution is to use a constant time comparison function,
which can usually be done by not returning until the end of the comparison
loop

~~~
hackcasual
or-of-xor's is the traditional approach, from PHP's password_verify:

    
    
      for (i = 0; i < hash_len; i++) {
        status |= (ret[i] ^ hash[i]);
      }
    

This works well enough, and doing something more clever runs the risk of the
compiler optimizing out padding code.

