I'm no security expert, but I'm gunna go ahead and say that (IMO) this
attack is at best a theoretical attack for the vast majority of OAuth
installs.
> Blaine or Kellan threw out a question about this vulnerability in an
> OAuth context that I haven't had the time (nor do I have the
> qualifications) to answer: do the use of a nonce and timestamp
> mitigate the risk?
Seth, I actually think that enforcing nonces should make this attack
impossible for guessing OAuth signatures (assuming you enforce nonces
for malformed requests). If you can only get a good/bad response once
then you're out of luck.
In practice few people actually check nonces, but checking time stamps
should make this attack _extremely_ infeasible if not impossible. If
you only allowed timestamps that are <= 15 minutes old, for example,
an attacker would have to determine your signature within 15 minutes
(which means making many millions of requests in that period of time).
Coda suggested that researches were able to determine 20µs differences
with a few hundred (or thousand?) measurements. As a point of
reference, here are some measurements from my machine (using Python):
>>> timeit.Timer("'aa' == 'bb'").timeit(10000000)
0.74933886528015137
>>> timeit.Timer("'aa' == 'ab'").timeit(10000000)
0.80185294151306152
Mike
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---
