Re: [tor-bugs] #3122 [Tor Client]: Write and use constant-time comparison functions
#3122: Write and use constant-time comparison functions
-------------------------+--------------------------------------------------
Reporter: rransom | Owner: ioerror
Type: enhancement | Status: new
Priority: major | Milestone: Tor: 0.2.1.x-final
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by rransom):
Replying to [comment:8 nickm]:
> III. Other things
>
> We need to look for other kinds of operations that alter control flow
> based on sensitive information. This includes at minimum auditing hash
> tables and lookup functions. This will be an ongoing thing.

The solution here is to ''never'' use a secret string as a lookup key in
an associative data structure. One easy way to do this is to HMAC the
secret lookup key with an ephemeral secret HMAC key; the result is not so
secret, although we would still use our constant-time comparison functions
within the data structure's implementation purely for performance reasons.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3122#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
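
The lookup-key blinding described in the comment above, as an added example that is not part of the original message or of Tor's code: a Python table that stores and indexes entries only by an HMAC of the secret under a per-table ephemeral key. The class name `BlindedTable`, its method names, the two-byte bucket prefix and the choice of HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class BlindedTable:
    """Associative table indexed by HMAC(ephemeral_key, secret), never by the secret."""

    def __init__(self):
        # Ephemeral MAC key: generated per table, kept only in memory.
        self._mac_key = secrets.token_bytes(32)
        # Bucket index is a prefix of the tag, so bucket choice (control flow
        # and memory access) depends on the tag, not on the secret's bytes.
        self._buckets = {}

    def _tag(self, secret: bytes) -> bytes:
        return hmac.new(self._mac_key, secret, hashlib.sha256).digest()

    def put(self, secret: bytes, value) -> None:
        tag = self._tag(secret)
        bucket = self._buckets.setdefault(tag[:2], [])
        for i, (stored, _) in enumerate(bucket):
            # Constant-time comparison of tags inside the structure,
            # as the comment suggests.
            if hmac.compare_digest(stored, tag):
                bucket[i] = (tag, value)
                return
        bucket.append((tag, value))

    def get(self, secret: bytes, default=None):
        tag = self._tag(secret)
        found = default
        # Scan the whole bucket rather than returning at the first match.
        for stored, value in self._buckets.get(tag[:2], []):
            if hmac.compare_digest(stored, tag):
                found = value
        return found

    def stored_tags(self):
        """Everything the table retains as keys: 32-byte tags only."""
        return [tag for bucket in self._buckets.values() for tag, _ in bucket]
```

Because the MAC key differs per table, the same secret maps to unrelated tags in two tables, so timing or collision behaviour observed against one table says nothing about the secret's bytes.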