New submission from Jon Oberheide <j...@oberheide.org>: Hi all,
I was informed that the hmac.secure_compare() function added in 14532 is not time-independent when processing unicode values: "The function as given is probably not timing independent if the attacker can provide unicode values. This is because (in CPython at least) all integer values in the range [-5, 256] inclusive are made singletons to avoid the performance hit of integer object creation, meaning that as long as (x ^ y) < 257, no integer object is created and the function appears constant time. When that assumption is violated, you get a timing delta that is actually fairly large compared to the delta for a single character compare." One way to work around this issue is to perform strict 8-bit byte comparisons by converting any string type parameters to bytes via a utf-8 encode. The attached patch does this. Regards, Jon Oberheide ---------- components: Library (Lib) files: secure-compare-fix-v1.patch keywords: patch messages: 161898 nosy: Jon.Oberheide priority: normal severity: normal status: open title: hmac.secure_compare() is not time-independent for unicode strings type: security versions: Python 3.3 Added file: http://bugs.python.org/file25756/secure-compare-fix-v1.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue14955> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
