Forgot to reply all, it seems.
-- Forwarded message --
From: Scott Arciszewski
Date: Wed, Nov 26, 2014 at 11:59 AM
Subject: Re: [PHP-DEV] Fwd: [php-src] Constant-Time bin2hex()
implementation (#909)
To: Ferenc Kovacs
On Wed, Nov 26, 2014 at 11:49 AM, Ferenc Kovacs wrote
I'm of the opinion, this:
On 26 November 2014 at 19:45, Anthony Ferrara wrote:
>
> The two mcrypt functions, IMHO **MUST** be made timing safe, no matter
> what, since they **always** deal with sensitive information.
>
Extended to any crypto functions too.
But for everything else, this:
On 26
That is why I updated the PR and made it add a function (ts_bin2hex())
instead of replacing the existing behavior.
I could have sworn I already sent this to the list.
On Wed, Nov 26, 2014 at 3:45 PM, Korvin Szanto
wrote:
> I don't like the idea of any mandatory slow down, trivial or not. This
>
I don't like the idea of any mandatory slow down, trivial or not. This
should be opt in.
On Wed, Nov 26, 2014, 12:28 PM Rasmus Lerdorf wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 11/26/2014 11:45 AM, Anthony Ferrara wrote:
> >> That seems like a lot of functions to artificial
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/26/2014 11:45 AM, Anthony Ferrara wrote:
>> That seems like a lot of functions to artificially slow down.
>
> Well, in most cases it shouldn't slow it down by a non-trivial
> margin.
If that can be shown definitively, then I would have fewer ob
> That seems like a lot of functions to artificially slow down.
Well, in most cases it shouldn't slow it down by a non-trivial margin.
It's not like comparison which removes the ability to short circuit,
where it can be extremely significantly longer.
When doing things like encoding or decoding,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/26/2014 07:29 AM, Scott Arciszewski wrote:
> http://events.ccc.de/congress/2012/Fahrplan/attachments/2235_29c3-schinzel.pdf
>
> No, a random delay is not sufficient.
Sure, I mentioned that if the scenario allows for lots of observations
then it
On 26 November 2014 at 08:49, Ferenc Kovacs wrote:
>> That's a rather extreme reaction to trying to patch string operations that
>> real-world frameworks use to handle crypto secrets, don't you think?
>>
> and there are at least that much, but probably lot more usages in the
> wild(see https://git
>
>
> That's a rather extreme reaction to trying to patch string operations that
> real-world frameworks use to handle crypto secrets, don't you think?
>
>
and there are at least that much, but probably lot more usages in the
wild(see https://github.com/search?l=php&q=bin2hex&type=Code&utf8=%E2%9C%
On 26/11/14 16:29, Scott Arciszewski wrote:
> That's a rather extreme reaction to trying to patch string operations that
> real-world frameworks use to handle crypto secrets, don't you think?
Hmm, no.
--
Regards,
Mike
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, vi
http://events.ccc.de/congress/2012/Fahrplan/attachments/2235_29c3-schinzel.pdf
No, a random delay is not sufficient.
Or, write yourself an extension and mirror the implementations of all
these functions. pecl/ts_string or something like that and provide
ts_bin2hex() and/or have the extension over
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2014 07:37 AM, Scott Arciszewski wrote:
> I would like to, at the minimum, suggest making the following
> functions run in constant time:
>
> * bin2hex() * hex2bin() * base64_encode() * base64_decode() *
> mcrypt_encrypt() -- requires delving
Scott Arciszewski wrote on 25/11/2014 15:37:
Hi Internals!
I've submitted a PR based on Frank Denis's work in libsodium that makes
bin2hex() run in constant time () as an improvement to mitigate
cache-timing attacks. My motivation for doing so is that many developers
(including myself) use base-
Hi Internals!
I've submitted a PR based on Frank Denis's work in libsodium that makes
bin2hex() run in constant time () as an improvement to mitigate
cache-timing attacks. My motivation for doing so is that many developers
(including myself) use base-16 and base-64 encoding to store cryptographic
14 matches
Mail list logo