Timing-independent array comparisonrdist Embedded security, cryptography, software protection I find it interesting that people tend to follow the same stages of awareness when first hearing about timing attacks. A recent discussion about Django redesigning their cookie scheme shows people at the various stages. 1. The timing difference is too small to attack This is the result of not understanding statistics or how jitter can be m
