Re: Time Invariant String Comparison

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Time Invariant String Comparison
From: Tim Hill <drtimhill@...>
Date: Thu, 16 Jan 2014 16:02:42 -0800

On Jan 16, 2014, at 3:44 AM, Jason A. Donenfeld <Jason@zx2c4.com> wrote:

> Hi guys,
> 
> Over at cgit [1] we use Lua for our authentication framework [2]. One
> thing we're doing wrong is lines like these:
> 
> 	if password == post["password"] then
> 
> Since an attacker can control the post params, this test is vulnerable
> to a timing attack, by which an attacker could determine the password
> one character at a time by analysis of response time.
> 
> What I'm looking for is some clever way in Lua to compare two strings
> in a time invariant way. Any suggestions?
> 
> Thanks,
> Jason
> 
> 
> [1] http://git.zx2c4.com/cgit/
> [2] http://git.zx2c4.com/cgit/tree/filters/simple-authentication.lua
> 

First, I would not rely on language behaviors such as string compare time for security .. as others have explained here this varies from version to version (and even different build options) within Lua. Second, the normal approach here is to ALWAYS inject a significant (and pseudo-random) delay when responding to invalid credentials. This not only prevents time analysis attacks, it also protects against brute-force and dictionary attacks since it makes them take impractically long times. Don’t rely on the network being slow for this either.

—Tim

Follow-Ups:
- Re: Time Invariant String Comparison, Coda Highland

References:
- Time Invariant String Comparison, Jason A. Donenfeld

Prev by Date: Re: [Luarocks-developers] Luarocks install bug? [was Re: [ANN] stdlib 36 released]
Next by Date: Re: I'm really fed up with this list! News from the revolut.
Previous by thread: Re: Time Invariant String Comparison
Next by thread: Re: Time Invariant String Comparison
Index(es):
- Date
- Thread