Red Hat Security Blog: May 2014 archives
-
Defeating memory comparison timing oracles
The standard C functions for comparing two strings of the same length, memcmp can be implemented naïvely as follows: For each byte in the two strings: From both strings, load the byte at the position currently under consideration and compare their values. If they are not equal, return some value matching the sign of their difference (as unsigned bytes). If no differing bytes are discovered, return 0. From time to time, there are reports that this implementation results in a timing oracle...