https://issues.dlang.org/show_bug.cgi?id=17286
Issue ID: 17286
Summary: A function for comparing two digests securely
Product: D
Version: D2
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P1
Component: phobos
Assignee: [email protected]
Reporter: [email protected]
Given two strings A and B, using std.algorithm.equal to compare them leaves
your web application open to timing attacks because it has a short circuit,
i.e. it returns false on the first inequality.
The attack comes from allowing attacker to brute force you HMAC key. See this
article for more information and why Java gets it wrong:
https://codahale.com/a-lesson-in-timing-attacks/
The solution is to have a string comparison that will always be constant time
given two strings of the same length.
--
