CppCMS C++ Web Framework / Bugs / #117 Timing Attack Vulnerability

#117 Timing Attack Vulnerability

Milestone: cppcms-v1.0.x

Status: closed

Owner: nobody

Labels: None

Priority: 1

Updated: 2014-10-30

Created: 2014-04-07

Creator: Anonymous

Private: No

framework/trunk/src/hmac_encryptor.cpp

...
bool ok = memcmp(&mac[0],cipher.c_str() + message_size,digest_size) == 0;

framework/branches/maintance_0_0_x/hmac_encryptor.cpp

...
hash(&data.front()+16,data.size()-16,md5);
if(!equal(data.begin(),data.begin()+16,md5))
    return false;

http://codahale.com/a-lesson-in-timing-attacks/

Discussion

Artyom Beilis - 2014-05-23

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Artyom Beilis - 2014-05-23

Fixed in cs 2246

The chance of using it virtually none due to the fact that memcmp works on 4 bytes blocks and that the noise would be so high in comparison to memcmp time...

But not to be paranoid

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Anonymous