On Thu, Dec 1, 2011 at 11:37 PM, Jerrie Union <[email protected]> wrote:
>
> Given the following Java code:
>
> public boolean check(byte[] digest, byte[] secret) {
>     byte[] hash = md5(secret);
>
>     if (digest.length != hash.length) {
>         return false;
>     }
>
>     for (int i = 0; i < digest.length; i++) {
>         if (digest[i] != hash[i]) {
>             return false;
>         }
>     }
>
>     return true;
> }
>
> I'm wondering, if it's running as some authenticated server application, if
> it should be considered as resistant to time attacks nowadays. I'm aware that's
> not a good practice, but I'm not clear if I should consider it as exploitable
> over the network (on both intranet and internet scenarios).
You should. The code above leaks timing information and becomes exploitable, given enough measurements. (Also, consider not storing the secret in plaintext.)

> I would like to run some tests, but I'm not sure if I should follow some
> specific approach. Has anyone done some research recently?

Sebastian Schinzel. Presenting his research on December 28th, at 28C3: Time is on my Side - exploiting timing side channel vulnerabilities on the web:
http://events.ccc.de/congress/2011/Fahrplan/events/4640.en.html

Cheers,

--
alfonso
blogs at http://Plaintext.crypto.lo.gy
tweets @secYOUre

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
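As an added illustration (not code from either poster), the quoted comparison in typed Java next to a variant that visits every byte regardless of where the first mismatch is, so the running time no longer depends on the length of the matching prefix; the class name, helper `md5`, and the sample secret are constructed for this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public final class DigestCheck {

    // Comparison as quoted in the thread: returns at the first differing byte,
    // so the time spent grows with how many leading bytes already match.
    static boolean checkLeaky(byte[] digest, byte[] hash) {
        if (digest.length != hash.length) {
            return false;
        }
        for (int i = 0; i < digest.length; i++) {
            if (digest[i] != hash[i]) {
                return false;
            }
        }
        return true;
    }

    // Hardened comparison: every byte is always examined and the differences
    // are OR-ed into one accumulator, so no branch depends on which byte differs.
    // The length check is not a secret here because MD5 output has a fixed width.
    static boolean checkConstantTime(byte[] digest, byte[] hash) {
        if (digest.length != hash.length) {
            return false;
        }
        int diff = 0;
        for (int i = 0; i < digest.length; i++) {
            diff |= digest[i] ^ hash[i];
        }
        return diff == 0;
    }

    // Constructed helper standing in for the md5() used in the quoted code.
    static byte[] md5(byte[] secret) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("MD5").digest(secret);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        byte[] secret = "constructed-sample-secret".getBytes(StandardCharsets.UTF_8);
        byte[] good = md5(secret);
        byte[] bad = good.clone();
        bad[bad.length - 1] ^= 0x01; // constructed wrong digest: differs only in the last byte
        System.out.println("leaky, matching digest:     " + checkLeaky(good, md5(secret)));
        System.out.println("constant-time, matching:    " + checkConstantTime(good, md5(secret)));
        System.out.println("constant-time, last byte off: " + checkConstantTime(bad, md5(secret)));
        // The JDK's own MessageDigest.isEqual performs the same whole-array comparison.
        System.out.println("MessageDigest.isEqual:      " + MessageDigest.isEqual(bad, md5(secret)));
    }
}
```

In `checkLeaky` a digest that is wrong only in its last byte costs almost a full loop while one wrong in its first byte costs one iteration, which is the measurable difference the reply refers to; `checkConstantTime` costs the same for both.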
