This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author fijall
Recipients arigo, christian.heimes, fijall, hynek, loewis, ncoghlan, pitrou
Date 2012-06-15.08:12:39
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <CAK5idxSa8Xw_qDqmBTVhOkQMxoCjuqv=u6eznCVndQkTLnqtfg@mail.gmail.com>
In-reply-to <4FDAEDB9.4090500@v.loewis.de>
Content
On Fri, Jun 15, 2012 at 10:09 AM, Martin v. Löwis <report@bugs.python.org>wrote:

>
> Martin v. Löwis <martin@v.loewis.de> added the comment:
>
> > Note that this does not relief you from using a time-independent
> comparison
> > function. If you call some hash function (which time is known to the
> > attacker), then you compare it against a stored hashed version. If you
> use
> > a normal compare you're leaking the hash. This is indeed not as bad as
> > leaking the password, but it has been demonstrated that one-direction
> > functions are still vulnerable to some sort of attacks, so it's not ideal
> > either.
>
> But you don't leak the hash - you leak the first byte of the hash if you
> make 256 tries, and the first two bytes if you make 65536 tries. To leak
> the first four bytes of the hash, you need to make 2**32 tries.
> So this is equivalent to a brute-force attack, which works just as well
> against a time-independent function. So using a time-independent
> function does not add any security.
>
> ----------
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue15061>
> _______________________________________
>

Martin, you fail to understand how this works. You don't do 2**32 tries to
leak the 4 charaters, you need 4 * 256, that's why this attack is so bad,
because the time needed for the next character is brute force, but then you
can move on to the next one.
History
Date User Action Args
2012-06-15 08:12:39fijallsetrecipients: + fijall, loewis, arigo, ncoghlan, pitrou, christian.heimes, hynek
2012-06-15 08:12:39fijalllinkissue15061 messages
2012-06-15 08:12:39fijallcreate