I hope people take your advice and actually read the OpenSSL Advisory, which does a fairly good job of explaining the problem and the fix. This is an implementation "flaw" only in the sense that the implementation failed to protect against a previously unknown timing attack. OpenSSL is almost certainly not the only implementation to get this wrong. Wonder how long it will be before someone finds this flaw in MS's CryptoAPI libraries?
That isn't what the article said at all. Read section 5.3 of the report again. The passwords used in the experiment are randomly generated. The algorithm presented generates a list of high-probablility passwords, based on the timing.
Slashdot Mirror
I hope people take your advice and actually read the OpenSSL Advisory, which does a fairly good job of explaining the problem and the fix. This is an implementation "flaw" only in the sense that the implementation failed to protect against a previously unknown timing attack. OpenSSL is almost certainly not the only implementation to get this wrong. Wonder how long it will be before someone finds this flaw in MS's CryptoAPI libraries?
That isn't what the article said at all. Read section 5.3 of the report again. The passwords used in the experiment are randomly generated. The algorithm presented generates a list of high-probablility passwords, based on the timing.