Preventing Timing Attacks on String Comparison with Double HMAC Strategy (2015) (paragonie.com) 35 points by rdpintqogeogsaa 4y ago ↗ HN
[–] dorianmariefr 4y ago ↗ so hash(input) == hash(secret) ? [–] pornel 4y ago ↗ No, `hash(hash(input)) == hash(hash(secret))`. [–] justinsteven 4y ago ↗ No, `hmac(key=key, message=input) == hmac(key=key, message=secret)` where key is either a static secret key for comparison purposes, or random for each comparison.
[–] pornel 4y ago ↗ No, `hash(hash(input)) == hash(hash(secret))`. [–] justinsteven 4y ago ↗ No, `hmac(key=key, message=input) == hmac(key=key, message=secret)` where key is either a static secret key for comparison purposes, or random for each comparison.
[–] justinsteven 4y ago ↗ No, `hmac(key=key, message=input) == hmac(key=key, message=secret)` where key is either a static secret key for comparison purposes, or random for each comparison.
[–] ianopolous 4y ago ↗ Neat idea! Especially on jitted platforms where the jit is likely to introduce a timing side channel.
[–] rurban 4y ago ↗ Using the timingsafe_memcmp C function would be faster and safer. [–] iudqnolq 4y ago ↗ As TFA says [–] tatersolid 4y ago ↗ Not using C at all would be safer
7 comments
[ 3.1 ms ] story [ 28.6 ms ] thread