Re: streql - Constant-time string comparison
On 28-10-14 20:59, Riley Baird wrote:
> As far as I can tell, your code ensures that even if the strings are of
> different length, an equality calculation should be performed anyway,
> however returning 0, on the grounds that this would make it more
> difficult for an attacker to know that the two strings entered were of
> different lengths. Is this right?
Pardon my ignorance, but how much more difficult does it actually become
to determine the two inputs are of different length? In the original the
function returns right away if xlen != ylen. If the attacker can control
one of the inputs (say x), the change proposed by Joel will cause the
time of the compare to increment when xlen is increased until xlen ==
ylen. If this can be observed with enough precision the same objective
can be achieved.
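A small model of the point raised in the reply above, added here and not part of the thread or the streql code: each variant counts the byte operations whose number depends on the inputs, as a stand-in for the elapsed time an attacker would measure when sweeping the length of x against a fixed secret y. The hashed variant is an assumed mitigation, not something proposed in the thread.

```python
import hashlib
import hmac

# Each compare returns (equal, work); "work" counts the byte operations whose
# number depends on the inputs, standing in for the elapsed time an attacker
# would observe.

def compare_early_return(x, y):
    """Original shape: bail out as soon as the lengths differ."""
    if len(x) != len(y):
        return False, 0
    acc, work = 0, 0
    for a, b in zip(x, y):
        acc |= a ^ b
        work += 1
    return acc == 0, work


def compare_min_length(x, y):
    """Proposed shape: always run the loop and force the result to False on a
    length mismatch. zip() stops at the shorter input, so work = min(len)."""
    acc, work = (0 if len(x) == len(y) else 1), 0
    for a, b in zip(x, y):
        acc |= a ^ b
        work += 1
    return acc == 0, work


def compare_hashed(x, y):
    """Assumed mitigation: reduce both inputs to a fixed-length digest before
    the constant-time compare, so the compare itself never varies with len(y)."""
    hx = hashlib.sha256(x).digest()
    hy = hashlib.sha256(y).digest()
    return hmac.compare_digest(hx, hy), len(hx)


def work_profile(compare, secret, max_len):
    """Work observed when the length of x is swept from 1 to max_len."""
    return [compare(b"a" * n, secret)[1] for n in range(1, max_len + 1)]


if __name__ == "__main__":
    secret = b"s3cr"  # constructed sample secret, 4 bytes
    print(work_profile(compare_early_return, secret, 7))  # [0, 0, 0, 4, 0, 0, 0]: spike at len(secret)
    print(work_profile(compare_min_length, secret, 7))    # [1, 2, 3, 4, 4, 4, 4]: knee at len(secret)
    print(work_profile(compare_hashed, secret, 7))        # [32, 32, 32, 32, 32, 32, 32]
```

The early return leaks the secret's length as a single spike, the always-loop variant as a knee where the ramp flattens; only the fixed-length compare gives a profile that carries no information about len(y).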