| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <51193A79.9090907@amacapital.net>
Date: Mon, 11 Feb 2013 10:37:45 -0800
From: Andy Lutomirski <luto@...capital.net>
To: Daniel Borkmann <dborkman@...hat.com>
CC: gregkh@...uxfoundation.org, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lib: memcmp_nta: add timing-attack secure memcmp
On 02/10/2013 02:00 PM, Daniel Borkmann wrote:
> If you need to compare a password or a hash value, the timing of the
> comparison function can give valuable clues to the attacker. Let's
> say the password is 123456 and the attacker tries abcdef. If the
> comparision function fails at the first byte without looking at the
> other bytes, then the attacker can measure the difference in runtime
> and deduce which byte was wrong, reducing the attack space from
> exponential to polynomial. [Daniel J. Bernstein]
>
> Therefore add memcmp_nta ({n}o {t}iming {a}ttacks) in order to avoid
> such scenarios and to facilitate development by providing a generic
> function for (e.g.) the crypto and networking subsystems.
>
> Signed-off-by: Daniel Borkmann <dborkman@...hat.com>
> ---
I read this as "compare memory with non-temporal access". Perhaps
something like "memcpy_constant_time" would be less confusing.
--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists