[security] Widespread Timing Vulnerabilities in OpenID implementations

Andrew Arnott andrewarnott at gmail.com
Fri Jul 16 22:19:38 UTC 2010


Nate,
How do you ascertain that a given library is vulnerable?  Just by code
inspection and assuming you understand the implications of the platform and
surrounding code, or do you successfully exploit it to be certain?

--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre


On Fri, Jul 16, 2010 at 10:45 AM, Nate Lawson <nate at rootlabs.com> wrote:

> Breno de Medeiros wrote:
> > On Fri, Jul 16, 2010 at 08:02, Pádraic Brady <padraic.brady at yahoo.com> wrote:
> >> I can only speak for PHP, but the function is also multiples slower than a
> >> native comparison from when I was implementing it last year. Not all that
> >> surprising given PHP is also built on C (to the point it practically copies
> >> functions) so it should resolve similarly.
> >
> > The only fair comparison here is when the two inputs are equal.
> > Lengthening the time of computation when the inputs are different is
> > the goal of this fix.
>
> Yes, that's what I was checking on.
>
> >> Just on implementations - have you notified these directly? Not all of them
> >> may be paying attention to this list since it's not necessarily
> >> implementation specific.
>
> No, there are too many. We've also notified all OAuth, various web
> frameworks, and others not yet public. There are at least 30 known
> affected libraries and up to double that unknown. We can't review
> everything.
>
> --
> Nate Lawson
> Root Labs :: www.rootlabs.com
> +1 (510) 595-9505 / (415) 305-5638 mobile
> Solving embedded security, kernel and crypto challenges
>
>
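
Added example, not part of the original thread and not code from any of the libraries discussed: a Python sketch of the point quoted above, that a fixed comparison does the same work as the native one when the inputs are equal and deliberately more when they differ. The secret value and the helper names are constructed for illustration; the step counters stand in for elapsed time.

```python
import hmac

# Constructed sample value standing in for an expected signature/MAC.
EXPECTED = bytes.fromhex("a3f1c09b7d2e4456")


def early_exit_equal(a: bytes, b: bytes):
    """Native-style comparison. Returns (equal, byte_comparisons_done)."""
    if len(a) != len(b):
        return False, 0
    steps = 0
    for x, y in zip(a, b):
        steps += 1
        if x != y:
            # Stops at the first mismatch: work done tracks the matching prefix.
            return False, steps
    return True, steps


def accumulating_equal(a: bytes, b: bytes):
    """Fixed comparison: touches every byte, decides only at the end."""
    if len(a) != len(b):
        return False, 0
    diff = 0
    steps = 0
    for x, y in zip(a, b):
        steps += 1
        diff |= x ^ y  # collect differences without branching on them
    return diff == 0, steps


def work_profile(compare):
    """Work done for guesses whose first k bytes are correct, k = 0..len."""
    profile = []
    for k in range(len(EXPECTED) + 1):
        guess = EXPECTED[:k] + bytes(b ^ 0xFF for b in EXPECTED[k:])
        profile.append(compare(EXPECTED, guess)[1])
    return profile


def library_equal(a: bytes, b: bytes) -> bool:
    """What production Python code should call instead of a hand-written loop."""
    return hmac.compare_digest(a, b)


if __name__ == "__main__":
    print("early exit  :", work_profile(early_exit_equal))
    print("accumulating:", work_profile(accumulating_equal))
```

The last entry of each profile is the equal-input case, where both functions do identical work; every other entry is a mismatch, where only the early-exit version varies with the guess.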