Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
5 check-ins for the month beginning 2011-10-01 by user dmitry
Following month ↑|
2011-10-04
| ||
| 15:20 | Add HMAC-SHA1 implementation. ... (Closed-Leaf check-in: dcee34b2 user: dmitry tags: multisession) | |
| 15:15 | Merge protection against timing attacks into trunk. ... (check-in: d4a341b4 user: dmitry tags: trunk) | |
| 14:38 | Merge trunk into dmitry-security branch. ... (Closed-Leaf check-in: f4eb0f5a user: dmitry tags: dmitry-security) | |
| 14:34 | Rename constant_time_eq to constant_time_cmp to better indicate that these functions return 0 when values are equal, like memcmp, strcmp, etc., not truth, to avoid possible mistakes. ... (check-in: d244c484 user: dmitry tags: dmitry-security) | |
| 14:28 |
Revert the previous change after thinking more about it.
Login cards in the sync protocol have the following format: login userid nonce signature Nonce is SHA-1 of the message that follows this line, signature is SHA-1 of the concatenation of the nonce and user's shared secret. The successful timing attack can reveal only signature for this particular packet due to nonce. However, as nonce is known to the attacker, it's theoretically possible for them to bruteforce the shared secret_offline_. The whole scenario sounds highly improbable, but using constant-time comparison function for such things by default is a good practice. ... (check-in: 13a9a124 user: dmitry tags: dmitry-security) | |