[Issue 17286] New: A function for comparing two digests securely
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed Mar 29 13:27:03 PDT 2017
https://issues.dlang.org/show_bug.cgi?id=17286
Issue ID: 17286
Summary: A function for comparing two digests securely
Product: D
Version: D2
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P1
Component: phobos
Assignee: nobody at puremagic.com
Reporter: jack at jackstouffer.com
Given two strings A and B, using std.algorithm.equal to compare them leaves
your web application open to timing attacks because it has a short circuit,
i.e. it returns false on the first inequality.
The attack comes from allowing attacker to brute force you HMAC key. See this
article for more information and why Java gets it wrong:
https://codahale.com/a-lesson-in-timing-attacks/
The solution is to have a string comparison that will always be constant time
given two strings of the same length.
--
More information about the Digitalmars-d-bugs
mailing list