Top Flaws in Distributed Authentication Systems and how they are Attacked, High Tech, Page 53

Top Flaws in Distributed Authentication Systems and how they are Attacked

Share  Email
  Page: 53
See entire paper: http://electronics.wesrch.com/pdfEL11TZ3XNMONP
Page URL: http://electronics.wesrch.com/53-pdfEL11TZ3XNMONP
Note : Best viewed in FF3 or above, IE7 or above
Page(s): 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
 
Page content:

8. Crypto Foibles

 HMAC array comparison timing flaw
 Short-circuit return on mismatch allows byte-at-a-
time brute force
 Seems minute, but actually workable with statistical
sampling
 Surprisingly hard to write a constant-time
comparison in Java or .NET! (Try it.)
 Solution: HMAC your received and calculated
values a second time before comparing
 Prevents ciphertext malleability with the
cryptographic properties of the algorithm, instead of
trying to prevent measurement
Insert presenter logo
here on slide master.
See hidden slide 2 for
directions

 
 
Subscribe
x