[tor-bugs] #3122 [Tor Client]: Write and use constant-time comparison functions
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat May 7 05:14:12 UTC 2011
#3122: Write and use constant-time comparison functions
-------------------------+--------------------------------------------------
Reporter: rransom | Owner: ioerror
Type: enhancement | Status: new
Priority: major | Milestone: Tor: 0.2.1.x-final
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by rransom):
Replying to [comment:8 nickm]:
> III. Other things
>
> We need to look for other kinds of operations that alter control flow
> based on sensitive information. This includes at minimum auditing hash
> tables and lookup functions. This will be an ongoing thing.

The solution here is to ''never'' use a secret string as a lookup key in
an associative data structure. One easy way to do this is to HMAC the
secret lookup key with an ephemeral secret HMAC key; the result is not so
secret, although we would still use our constant-time comparison functions
within the data structure's implementation purely for performance reasons.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3122#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
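
The approach described in the comment above, as an added example that is not part of the original message and not Tor's code: a table that never hashes or compares the secret string itself, only an HMAC tag computed under a per-table ephemeral key. Python is used for brevity; the class name `BlindedTable`, the bucket count, and the choice of HMAC-SHA256 are assumptions made for the illustration.

```python
import hashlib
import hmac
import os


class BlindedTable:
    """Map keyed by secret byte strings; only HMAC tags reach the table."""

    def __init__(self, nbuckets=64, hmac_key=None):
        # Ephemeral key: generated per table, kept in memory only.
        # hmac_key is injectable solely so tests can be deterministic.
        self._key = hmac_key if hmac_key is not None else os.urandom(32)
        self._buckets = [[] for _ in range(nbuckets)]

    def _tag(self, secret):
        # The secret is consumed here and nowhere else.
        return hmac.new(self._key, secret, hashlib.sha256).digest()

    def _bucket(self, tag):
        # The bucket index depends on the tag, not on the secret's bytes.
        index = int.from_bytes(tag[:8], "big") % len(self._buckets)
        return self._buckets[index]

    def put(self, secret, value):
        tag = self._tag(secret)
        bucket = self._bucket(tag)
        for i, (stored, _) in enumerate(bucket):
            if hmac.compare_digest(stored, tag):
                bucket[i] = (tag, value)
                return
        bucket.append((tag, value))

    def get(self, secret, default=None):
        tag = self._tag(secret)
        for stored, value in self._bucket(tag):
            if hmac.compare_digest(stored, tag):
                return value
        return default

    def stored_tags(self):
        # What the data structure actually holds as keys.
        return [tag for bucket in self._buckets for tag, _ in bucket]


if __name__ == "__main__":
    table = BlindedTable()
    table.put(b"constructed-secret-cookie", "circuit 7")  # constructed sample
    print(table.get(b"constructed-secret-cookie"))
    print(table.stored_tags()[0].hex())
```

Because the key is fresh per table, the same secret lands under a different tag and bucket in every instance, so bucket placement and comparison timing reveal nothing stable about the secret.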