Message157809
| Field | Value |
|---|---|
| Author | Jon.Oberheide |
| Recipients | Jon.Oberheide |
| Date | 2012-04-08.20:27:42 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <1333916863.07.0.388274376094.issue14532@psf.upfronthosting.co.za> |
| In-reply-to | |

Content
The multiprocessing module performs a time-dependent comparison of the HMAC digest used for authentication:
def deliver_challenge(connection, authkey):
    import hmac
    assert isinstance(authkey, bytes)
    message = os.urandom(MESSAGE_LENGTH)
    connection.send_bytes(CHALLENGE + message)
    digest = hmac.new(authkey, message).digest()
    response = connection.recv_bytes(256)        # reject large message
    if response == digest:
        connection.send_bytes(WELCOME)
    else:
        connection.send_bytes(FAILURE)
        raise AuthenticationError('digest received was wrong')
This comparison should be made time-independent so as not to leak information about the expected digest and allow an attacker to derive the full digest.
More info on such timing attacks:
http://rdist.root.org/2009/05/28/timing-attack-in-google-keyczar-library/
http://rdist.root.org/2010/07/19/exploiting-remote-timing-attacks/
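A hardened form of the check quoted in the message, as an added example that is not part of the original message or of CPython's own code: it keeps the same flow but compares with `hmac.compare_digest`, and models how many byte positions an early-exit comparison inspects. `FakeConnection`, the constant values, the SHA-256 digest choice and `bytes_examined_early_exit` are assumptions made for this example.

```python
import hashlib
import hmac
import os

# Stand-in values and classes constructed for this example.
MESSAGE_LENGTH = 20
CHALLENGE, WELCOME, FAILURE = b"#CHALLENGE#", b"#WELCOME#", b"#FAILURE#"


class AuthenticationError(Exception):
    pass


class FakeConnection:
    """In-memory peer that answers the challenge using `reply_key`."""

    def __init__(self, reply_key):
        self.reply_key, self.sent = reply_key, []

    def send_bytes(self, data):
        self.sent.append(data)

    def recv_bytes(self, maxlength):
        message = self.sent[0][len(CHALLENGE):]
        return hmac.new(self.reply_key, message, hashlib.sha256).digest()


def deliver_challenge_hardened(connection, authkey):
    """Same flow as the quoted function, with a time-independent comparison."""
    assert isinstance(authkey, bytes)
    message = os.urandom(MESSAGE_LENGTH)
    connection.send_bytes(CHALLENGE + message)
    # SHA-256 is this example's choice of digest.
    digest = hmac.new(authkey, message, hashlib.sha256).digest()
    response = connection.recv_bytes(256)  # reject large message
    if hmac.compare_digest(response, digest):  # time-independent
        connection.send_bytes(WELCOME)
    else:
        connection.send_bytes(FAILURE)
        raise AuthenticationError('digest received was wrong')


def bytes_examined_early_exit(a, b):
    """Model of an early-exit `==`: positions inspected before it can answer."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i + 1
    return min(len(a), len(b))
```

The count returned by `bytes_examined_early_exit` grows with the length of the matching prefix, which is the information a time-dependent comparison exposes; `hmac.compare_digest` is designed so that its running time does not depend on where the inputs differ.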
History

| Date | User | Action | Args |
|---|---|---|---|
| 2012-04-08 20:27:43 | Jon.Oberheide | set | recipients: + Jon.Oberheide |
| 2012-04-08 20:27:43 | Jon.Oberheide | set | messageid: <1333916863.07.0.388274376094.issue14532@psf.upfronthosting.co.za> |
| 2012-04-08 20:27:42 | Jon.Oberheide | link | issue14532 messages |
| 2012-04-08 20:27:42 | Jon.Oberheide | create | |