Message 162845 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	hynek
Recipients	arigo, christian.heimes, fijall, hynek, loewis, ncoghlan, pitrou
Date	2012-06-15.06:19:44
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<95A3CDBD-3E66-42F9-B6E4-0790BA20606C@ox.cx>
In-reply-to	<1339724244.24.0.948516476868.issue15061@psf.upfronthosting.co.za>

Content
> "Secure" vs "not secure" is not a binary state - it's about making attacks progressively more difficult. Something that is secure against a casual script kiddie scatter gunning attacks on various sites with an automated script won't stand up to a systematic attack from a motivated attacker (also see the reporting on Flame and Stuxnet for what a really motivated and well resourced attacker can achieve). The problem here is, that _if_ you add a "secure" to the name of a method, it becomes binary. At least in the minds of the users. I know you address that, but that's the main point here. > Regardless, the target needs to be improving the status quo. > > Being able to tell people "using hmac.total_compare will make you less vulnerable to timing attacks than using ordinary short circuiting comparisons" is a good thing. We just need to be careful not to oversell it as making you immune to timing attacks. Why not write a C function which can be more secure than Python code? I would argue that would be an general asset for the stdlib, not just for HMAC (therefore, I'd put it elsewhere).

> "Secure" vs "not secure" is not a binary state - it's about making attacks progressively more difficult. Something that is secure against a casual script kiddie scatter gunning attacks on various sites with an automated script won't stand up to a systematic attack from a motivated attacker (also see the reporting on Flame and Stuxnet for what a *really* motivated and well resourced attacker can achieve).

The problem here is, that _if_ you add a "secure" to the name of a method, it becomes binary. At least in the minds of the users. I know you address that, but that's the main point here.

> Regardless, the target needs to be *improving the status quo*.
> 
> Being able to tell people "using hmac.total_compare will make you less vulnerable to timing attacks than using ordinary short circuiting comparisons" is a *good thing*. We just need to be careful not to oversell it as making you *immune* to timing attacks.

Why not write a C function which can be more secure than Python code? I would argue that would be an general asset for the stdlib, not just for HMAC (therefore, I'd put it elsewhere).

History
Date	User	Action	Args
2012-06-15 06:19:45	hynek	set	recipients: + hynek, loewis, arigo, ncoghlan, pitrou, christian.heimes, fijall
2012-06-15 06:19:44	hynek	link	issue15061 messages
2012-06-15 06:19:44	hynek	create