

> On Thu, Jan 16, 2014 at 5:01 AM, Oliver Kroth <oliver.kroth@nec-i.de>
> wrote:
>> Why not use hashed passwords, which is a better idea anyway as this
>> takes a
>> length independent time, and you may store the credentials in a safe
>> way?
>
> This is the best solution to the problem. The hashing function has
> fixed-length output making the comparison immune to timing attacks,
> and its own execution time is based only on the length of the input
> and leaks no information about the real password.

+1. If you are storing passwords in cleartext, timing attacks should
be the least of your worries. Use a good hashing function instead,
like bcrypt [1], scrypt or PBKDF2. See [2] to understand why those
ones and not generic hashing functions.

[1] https://github.com/mikejsavage/lua-bcrypt
[2] http://codahale.com/how-to-safely-store-a-password/
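As an added illustration of the approach recommended above (not code from this thread or from lua-bcrypt), here is the same pattern with PBKDF2 from Python's standard library: the stored record carries the salt and iteration count, the digest has a fixed length, and the comparison is done with a non-short-circuiting compare. The iteration count and record format are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed parameters for this example; tune ITERATIONS for the deployment.
ITERATIONS = 100_000
SALT_BYTES = 16
DIGEST_BYTES = 32
ALGO = "pbkdf2_sha256"


def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: pbkdf2_sha256$<iters>$<salt hex>$<digest hex>."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # per-password random salt
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=DIGEST_BYTES
    )
    return "%s$%d$%s$%s" % (ALGO, iterations, salt.hex(), digest.hex())


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the stored salt/iterations and compare in constant time."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != ALGO:
        raise ValueError("unsupported record format: %s" % algo)
    salt = bytes.fromhex(salt_hex)
    expected = bytes.fromhex(digest_hex)
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, int(iters), dklen=len(expected)
    )
    # Both values are DIGEST_BYTES long regardless of the password, and
    # compare_digest does not stop at the first differing byte, so neither the
    # password length nor the stored digest leaks through comparison timing.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")
    print(rec)
    print(verify_password("correct horse battery staple", rec))  # True
    print(verify_password("Tr0ub4dor&3", rec))                   # False
```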