
Author fijall
Recipients arigo, christian.heimes, fijall, hynek, loewis, ncoghlan, pitrou
Date 2012-06-15.07:49:06
Message-id <CAK5idxRGQ-aGTWpi78O=OhwFpKpG=UM2+3TrSCDbc70cE=ggVw@mail.gmail.com>
In-reply-to <1339746101.2.0.168012572077.issue15061@psf.upfronthosting.co.za>
Content
On Fri, Jun 15, 2012 at 9:41 AM, Nick Coghlan <report@bugs.python.org> wrote:

>
> Nick Coghlan <ncoghlan@gmail.com> added the comment:
>
> To repeat, the specific feature being proposed for retention is:
>
> * a function called hmac.total_compare() that is clearly documented as
> being still vulnerable to timing analysis given a sufficiently
> sophisticated attacker, while still being more resistant to such analysis
> than the standard comparison operator
>
> * restricting that function to operating on bytes, to eliminate timing
> variations associated with encoding/decoding of Unicode text and reduce
> those associated with the calculation of integer values
>
> Leaking less information on each comparison is intended to increase the
> effectiveness of higher level timing attack countermeasures (such as rate
> limiting and lockouts). Anyone that would use "hmac.total_compare" and call
> it done is likely using ordinary comparison today (which is even worse).
>
> ----------
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue15061>
> _______________________________________
>

Nick, I fail to understand why you are opposing writing such a function in
C. Such a function can be provably time-independent (and as MvL says this
is a binary state), at least as long as it operates on bytes (I'll refrain
from asking about unicode, I think it's possible, but I dunno).

For the same function in Python it's at the very least much harder to prove
(and has bugs as we've seen).

Cheers,
fijal
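
A bytes-only comparison in C of the kind this message argues for, as an added example that is not part of the original post and is not CPython's own code. The name `ct_bytes_equal` and the sample digests are assumptions made up here; the function does not hide whether the two lengths match, only where the contents differ.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper: returns 1 if the two byte buffers are equal,
 * 0 otherwise. The loop always runs len_b times and never exits early,
 * so the work done depends on len_b and not on the position of the
 * first mismatching byte. */
int ct_bytes_equal(const unsigned char *a, size_t len_a,
                   const unsigned char *b, size_t len_b)
{
    /* volatile discourages the compiler from replacing the loop with
     * an early-exit comparison such as memcmp. */
    volatile const unsigned char *left;
    volatile const unsigned char *right = b;
    volatile unsigned char diff;
    size_t i;

    if (len_a == len_b) {
        left = a;
        diff = 0;
    } else {
        /* Lengths differ: still walk len_b bytes (b against itself)
         * and force the result to "not equal". */
        left = b;
        diff = 1;
    }

    /* Accumulate differences with XOR/OR; no data-dependent branch. */
    for (i = 0; i < len_b; i++)
        diff |= left[i] ^ right[i];

    return diff == 0;
}

int main(void)
{
    /* Constructed sample digests, not real MACs. */
    const unsigned char expected[] = {0xde, 0xad, 0xbe, 0xef};
    const unsigned char good[]     = {0xde, 0xad, 0xbe, 0xef};
    const unsigned char bad[]      = {0x00, 0xad, 0xbe, 0xef};

    printf("good: %d\n", ct_bytes_equal(good, 4, expected, 4));
    printf("bad:  %d\n", ct_bytes_equal(bad, 4, expected, 4));
    return 0;
}
```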
History
Date User Action Args
2012-06-15 07:49:07 fijall set recipients: + fijall, loewis, arigo, ncoghlan, pitrou, christian.heimes, hynek
2012-06-15 07:49:06 fijall link issue15061 messages
2012-06-15 07:49:06 fijall create