This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author loewis
Recipients arigo, christian.heimes, fijall, hynek, loewis, ncoghlan, pitrou
Date 2012-06-15.08:09:30
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <4FDAEDB9.4090500@v.loewis.de>
In-reply-to <CAK5idxSDwEaEVMPt+3762FHaPaSoFn3=JH2kaDtab16b999qeg@mail.gmail.com>
Content
> Note that this does not relief you from using a time-independent comparison
> function. If you call some hash function (which time is known to the
> attacker), then you compare it against a stored hashed version. If you use
> a normal compare you're leaking the hash. This is indeed not as bad as
> leaking the password, but it has been demonstrated that one-direction
> functions are still vulnerable to some sort of attacks, so it's not ideal
> either.

But you don't leak the hash - you leak the first byte of the hash if you
make 256 tries, and the first two bytes if you make 65536 tries. To leak
the first four bytes of the hash, you need to make 2**32 tries.
So this is equivalent to a brute-force attack, which works just as well
against a time-independent function. So using a time-independent
function does not add any security.
History
Date User Action Args
2012-06-15 08:09:31loewissetrecipients: + loewis, arigo, ncoghlan, pitrou, christian.heimes, fijall, hynek
2012-06-15 08:09:30loewislinkissue15061 messages
2012-06-15 08:09:30loewiscreate