[ https://issues.apache.org/jira/browse/FTPSERVER-485?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yannic Noller updated FTPSERVER-485: ------------------------------------ Description: Dear Apache FTPServer developers, We have found a timing side-channel in class org.apache.ftpserver.usermanager.ClearTextPasswordEncryptor, method "public boolean matches(String passwordToCheck, String storedPassword)". This is due to the use of String.equals for comparison which returns as soon as a character does not match. This represents a timing side channel, which could be used by a potential attacker to obtain knowledge about the hidden secret password. Do you agree with our findings? A similar issue is present in method "matches" from classes org.apache.ftpserver.usermanager.Md5PasswordEncryptor and org.apache.ftpserver.usermanager.SaltedPasswordEncryptor. We found these classes in the latest version of your git repo: https://git-wip-us.apache.org/repos/asf?p=mina-ftpserver.git;a=summary The problem can be fixed easily by using the following safe version for String comparison in all three methods: public boolean isEqual_safe(String a, String b) { if (a == b) { return true; } char a_value[] = a.toCharArray(); char b_value[] = b.toCharArray(); if (a_value.length != b_value.length) { return false; } boolean match = true; for (int i = 0; i < a_value.length; i++) { match &= a_value[i] == b_value[i]; } return match; } Do you agree with our patch proposal? Please feel free to contact us for further clarification! You can reach us by the following email address: yannic.nol...@informatik.hu-berlin.de Best regards, Yannic Noller was: Dear Apache FTPServer developers, We have found a timing side-channel in class org.apache.ftpserver.usermanager.ClearTextPasswordEncryptor, method "public boolean matches(String passwordToCheck, String storedPassword)". This is due to the use of String.equals for comparison which returns as soon as a character does not match. This represents a timing side channel, which could be used by a potential attacker to obtain knowledge about the hidden secret password. Do you agree with our findings? A similar issue is present in method "matches" from classes org.apache.ftpserver.usermanager.Md5PasswordEncryptor and org.apache.ftpserver.usermanager.SaltedPasswordEncryptor. We found these classes in the latest version of your git repo: https://git-wip-us.apache.org/repos/asf?p=mina-ftpserver.git;a=summary The problem can be fixed easily by using the following safe version for String comparison in all three methods: public boolean isEqual_safe(String a, String b) { if (a == b) { return true; } char a_value[] = a.toCharArray(); char b_value[] = b.toCharArray(); if (a_value.length != b_value.length) { return false; } boolean match = true; for (int i = 0; i < a_value.length; i++) { match &= a_value[i] != b_value[i]; } return match; } Do you agree with our patch proposal? Please feel free to contact us for further clarification! You can reach us by the following email address: yannic.nol...@informatik.hu-berlin.de Best regards, Yannic Noller > Timing Side Channel PasswordEncryptor > ------------------------------------- > > Key: FTPSERVER-485 > URL: https://issues.apache.org/jira/browse/FTPSERVER-485 > Project: FtpServer > Issue Type: Bug > Components: Core > Affects Versions: 1.1.1 > Environment: tested on macOS High Sierra 10.13.4, but it is not > relevant > Reporter: Yannic Noller > Priority: Major > Labels: easyfix, pull-request-available > Fix For: 1.1.2 > > Original Estimate: 24h > Remaining Estimate: 24h > > Dear Apache FTPServer developers, > We have found a timing side-channel in class > org.apache.ftpserver.usermanager.ClearTextPasswordEncryptor, method "public > boolean matches(String passwordToCheck, String storedPassword)". This is due > to the use of String.equals for comparison which returns as soon as a > character does not match. This represents a timing side channel, which could > be used by a potential attacker to obtain knowledge about the hidden secret > password. > Do you agree with our findings? > A similar issue is present in method "matches" from classes > org.apache.ftpserver.usermanager.Md5PasswordEncryptor and > org.apache.ftpserver.usermanager.SaltedPasswordEncryptor. > We found these classes in the latest version of your git repo: > https://git-wip-us.apache.org/repos/asf?p=mina-ftpserver.git;a=summary > The problem can be fixed easily by using the following safe version for > String comparison in all three methods: > public boolean isEqual_safe(String a, String b) { > if (a == b) { > return true; > } > char a_value[] = a.toCharArray(); > char b_value[] = b.toCharArray(); > if (a_value.length != b_value.length) { > return false; > } > boolean match = true; > for (int i = 0; i < a_value.length; i++) { > match &= a_value[i] == b_value[i]; > } > return match; > } > Do you agree with our patch proposal? > Please feel free to contact us for further clarification! You can reach us by > the following email address: > yannic.nol...@informatik.hu-berlin.de > Best regards, > Yannic Noller -- This message was sent by Atlassian JIRA (v7.6.3#76005)