Is passlib cryptocontext verify method security for timing attacks?



  • My question is pretty short: is passlib cryptocontext verify method vulnerable to timing attacks, which would an attacker allow to narrow down the real password?



  • In password hashing and verification the majority of time is done in the computation of the hash. Only a small fraction of time is spend during verification for comparing the computed hash value with the stored hash value. And even this comparison is on basically comparing "randomish" data since they are the output of hash functions. And even if one could just measure the timing of the final comparison from hashed entered password to hashed stored password, it would not help to reverse engineer the original password since the hashes used are non-reversible.

    In other words: timing attacks against established password hashing algorithms can not be used to determine the original password, no matter how the actual implementation is done. Additional protection against timing attacks in the implementations is not needed.


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2