www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.bugs - [Issue 17286] New: A function for comparing two digests securely

https://issues.dlang.org/show_bug.cgi?id=17286

          Issue ID: 17286
           Summary: A function for comparing two digests securely
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P1
         Component: phobos
          Assignee: nobody puremagic.com
          Reporter: jack jackstouffer.com

Given two strings A and B, using std.algorithm.equal to compare them leaves
your web application open to timing attacks because it has a short circuit,
i.e. it returns false on the first inequality.

The attack comes from allowing attacker to brute force you HMAC key. See this
article for more information and why Java gets it wrong:
https://codahale.com/a-lesson-in-timing-attacks/

The solution is to have a string comparison that will always be constant time
given two strings of the same length.

--
Mar 29 2017