Re: [RFC] Timing attack safe string comparison function

From:	Thomas Hruska	Date:	Tue, 24 Dec 2013 08:28:36 +0000
Subject:	Re: [RFC] Timing attack safe string comparison function
References:	1 2 3 4	Groups:	php.internals
Request:	Send a blank email to internals+get-70872@lists.php.net to get a copy of this message

On 12/23/2013 11:37 PM, Yasuo Ohgaki wrote:
Hi all,

On Tue, Dec 24, 2013 at 1:35 PM, Thomas Hruska <thruska@cubiclesoft.com>wrote:

On 12/23/2013 8:59 PM, Jake A. Smith wrote:

Hi all,

  "strcmp_secure()" or something like this would be good, as it could be


used any security sensitive string comparison.

I like that. It makes sense for the function to be named for what it
does, not how one hopes or expects it will be used.

JS


Perhaps this could be implemented by adding an optional parameter to the
existing str...cmp() series of functions instead of adding more functions.


We may do this.
However, strcmp() returns 0 for equal strings while strcmp_secure() will
return TRUE for equal strings. We could make strcmp_secure() returns
FALSE/0 for equal strings, but it does not make much sense.

Ah, good point.  It was just an idea that crossed my mind and I'll admit that I had not thought that far ahead.  Having the documentation for the return value of strcmp() change to "mixed" would indeed be odd if it returns boolean results for the "secure" version but integer results otherwise.

-- 
Thomas Hruska
CubicleSoft President

I've got great, time saving software that you might find useful.

http://cubiclesoft.com/


   

Thread (40 messages)

• Rouven WeßlingSun, 22 Dec 2013 17:08:09 +0000
  • Andrea FauldsSun, 22 Dec 2013 17:25:48 +0000
    • Rouven WeßlingMon, 23 Dec 2013 09:45:29 +0000
      • Joe WatkinsMon, 23 Dec 2013 10:01:26 +0000
      • Joe WatkinsMon, 23 Dec 2013 10:03:43 +0000
        • Yasuo OhgakiMon, 23 Dec 2013 22:30:36 +0000
          • Jake A. SmithTue, 24 Dec 2013 03:59:57 +0000
            • Thomas HruskaTue, 24 Dec 2013 04:35:15 +0000
              • Yasuo OhgakiTue, 24 Dec 2013 06:37:56 +0000
                • Thomas HruskaTue, 24 Dec 2013 08:28:36 +0000
                • Sara GolemonFri, 27 Dec 2013 13:57:51 +0000
                  • Adam HarveyFri, 27 Dec 2013 18:12:23 +0000
                    • Yasuo OhgakiFri, 27 Dec 2013 21:57:00 +0000
                      • Jake A. SmithSat, 28 Dec 2013 00:02:53 +0000
                        • Yasuo OhgakiSat, 28 Dec 2013 00:39:06 +0000
                          • Andrea FauldsSat, 28 Dec 2013 01:41:10 +0000
                            • Sanford WhitemanSat, 28 Dec 2013 07:31:32 +0000
                            • Rouven WeßlingSun, 19 Jan 2014 22:40:22 +0000
                  • Stas MalyshevFri, 27 Dec 2013 19:44:21 +0000
            • Mateusz KocielskiFri, 27 Dec 2013 09:04:07 +0000
              • Pierre JoyeFri, 27 Dec 2013 09:07:38 +0000
                • Rouven WeßlingFri, 27 Dec 2013 13:55:39 +0000
                  • Sara GolemonFri, 27 Dec 2013 14:03:14 +0000
      • Tjerk MeestersMon, 23 Dec 2013 14:15:06 +0000
  • Yasuo OhgakiSun, 22 Dec 2013 23:55:02 +0000
  • Tjerk MeestersMon, 23 Dec 2013 01:26:05 +0000
  • Joe WatkinsMon, 23 Dec 2013 09:09:06 +0000Re: [RFC] Timing attack safe string comparison function
    • Yasuo OhgakiMon, 23 Dec 2013 09:45:50 +0000Re: Re: [RFC] Timing attack safe string comparison function
  • Stas MalyshevMon, 23 Dec 2013 10:11:39 +0000
    • Joe WatkinsMon, 23 Dec 2013 10:20:46 +0000
    • Rouven WeßlingMon, 23 Dec 2013 10:26:42 +0000
      • Joe WatkinsMon, 23 Dec 2013 10:42:41 +0000
      • Joe WatkinsMon, 23 Dec 2013 10:50:01 +0000
        • Marco PivettaMon, 23 Dec 2013 11:04:10 +0000
          • Joe WatkinsMon, 23 Dec 2013 11:16:47 +0000
            • Joe WatkinsMon, 23 Dec 2013 11:19:25 +0000
            • Marco PivettaMon, 23 Dec 2013 11:25:35 +0000
          • Rouven WeßlingMon, 23 Dec 2013 16:46:14 +0000
            • Joe WatkinsMon, 23 Dec 2013 19:45:58 +0000
• Iwan LuijksFri, 27 Dec 2013 20:15:53 +0000RE: [PHP-DEV] [RFC] Timing attack safe string comparison function