March 29, 2017

[Issue 17286] New: A function for comparing two digests securely
https://issues.dlang.org/show_bug.cgi?id=17286

Issue ID: 17286
Summary: A function for comparing two digests securely
Product: D
Version: D2
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P1
Component: phobos
Assignee: nobody@puremagic.com
Reporter: jack@jackstouffer.com

Given two strings A and B, using std.algorithm.equal to compare them leaves your web application open to timing attacks because it has a short circuit, i.e. it returns false on the first inequality. The attack comes from allowing an attacker to brute force your HMAC key. See this article for more information and why Java gets it wrong: https://codahale.com/a-lesson-in-timing-attacks/

The solution is to have a string comparison that will always be constant time given two strings of the same length.
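As an added illustration (not code from the issue or from Phobos), here is the kind of comparison the report asks for, written in D beside the std.algorithm.equal call it warns about; the digests are produced with sha256Of over constructed sample input purely for the demo:

```d
import std.algorithm : equal;
import std.digest.sha : sha256Of;

/// Constant-time equality for two byte sequences.
/// Unlike std.algorithm.equal, this never returns early on a mismatch: every
/// byte is visited and the differences are OR-ed together, so the running
/// time depends only on the length, not on where the inputs first differ.
bool constantTimeEqual(scope const(ubyte)[] a, scope const(ubyte)[] b) @safe pure nothrow @nogc
{
    // The length of a fixed-size digest is public, so returning early on a
    // length mismatch leaks nothing an attacker does not already know.
    if (a.length != b.length)
        return false;
    ubyte acc = 0;
    foreach (i; 0 .. a.length)
        acc |= cast(ubyte)(a[i] ^ b[i]);   // accumulate, never branch on data
    return acc == 0;
}

void main()
{
    import std.stdio : writeln;

    // Constructed sample values: the digest a server computed over a request
    // body, a matching value from an honest client, and a forged one.
    ubyte[32] expected = sha256Of("message-body");
    ubyte[32] supplied = sha256Of("message-body");
    ubyte[32] forged   = sha256Of("message-b0dy");

    // Short-circuiting comparison: stops at the first differing byte, so its
    // timing reveals how long the matching prefix is.
    writeln("equal (short-circuit): ", equal(expected[], forged[]));

    // Constant-time comparison: same answers, uniform running time.
    writeln("constantTimeEqual (match):  ", constantTimeEqual(expected[], supplied[]));
    writeln("constantTimeEqual (forged): ", constantTimeEqual(expected[], forged[]));
}
```

The accumulator pattern is the standard remedy: correctness is unchanged, but the mismatch position no longer influences the number of iterations.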
Copyright © 1999-2021 by the D Language Foundation