Could a random sleep prevent timing attacks?
问题 From Wikipedia In cryptography, a timing attack is a side channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Actually, to prevent timing attacks, I'm using the following function taken from this answer: function timingSafeCompare($safe, $user) { // Prevent issues if string length is 0 $safe .= chr(0); $user .= chr(0); $safeLen = strlen($safe); $userLen = strlen($user); // Set the result to the difference