
[lwip-devel] [bug #65118] The non-constant time memcmp function is used


From: Mohan
Subject: [lwip-devel] [bug #65118] The non-constant time memcmp function is used to compare the HMAC validation
Date: Thu, 4 Jan 2024 00:55:35 -0500 (EST)

URL:
  <https://savannah.nongnu.org/bugs/?65118>

                 Summary: The non-constant time memcmp function is used to
compare the HMAC validation 
                   Group: lwIP - A Lightweight TCP/IP stack
               Submitter: mohand
               Submitted: Thu 04 Jan 2024 05:55:35 AM UTC
                Category: Security-related
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None
            lwIP version: 2.2.0


    _______________________________________________________

Follow-up Comments:


-------------------------------------------------------
Date: Thu 04 Jan 2024 05:55:35 AM UTC By: Mohan <mohand>
The lwIP library uses a non-constant-time memcmp function while validating the
received HMAC. An adversary can mount a timing side-channel attack to determine
the valid HMAC for the message.

The memcmp function compares one byte at a time and exits as soon as the first
character mismatch occurs. If this function is used to compare secure data
such as an HMAC, user ID or password, the adversary can check the timing of
the response to determine the expected secure value one character at a time.

https://git.savannah.nongnu.org/cgit/lwip.git/tree/src/apps/snmp/snmp_msg.c?h=STABLE-2_2_0_RELEASE#n1061







    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/bugs/?65118>

_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
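
The early-exit behaviour described in the report, set beside a constant-time comparison. This is an added example, not lwIP's code and not part of the original report; the 12-byte sample MAC, the function names and the byte-count instrumentation are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAC_LEN 12 /* constructed sample length, not taken from lwIP */
/* Constructed sample MAC for the demo; not a real digest. */
static const uint8_t expected_mac[MAC_LEN] = {
    0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xb6, 0x1d, 0x7f, 0xc4, 0x20, 0x9b };
static uint8_t rx[MAC_LEN]; /* scratch buffer for the "received" MAC */

/* Early-exit compare modelled on a byte-wise memcmp. Returns the number of
 * bytes examined: the data-dependent work that response timing exposes. */
static size_t early_exit_steps(const uint8_t *a, const uint8_t *b, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (a[i] != b[i])
            return i + 1; /* stops at the first mismatch */
    return n;
}

/* Constant-time compare: reads all n bytes and ORs the differences together,
 * with no branch on the data. Returns 0 on a match, nonzero otherwise. */
static int ct_compare(const uint8_t *a, const uint8_t *b, size_t n)
{
    volatile uint8_t diff = 0; /* volatile discourages early-out optimisation */
    size_t i;
    for (i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff;
}

/* Hypothetical demo helper: fill rx with expected_mac, flipping byte pos
 * (pos >= MAC_LEN leaves an exact copy). */
static const uint8_t *received(size_t pos)
{
    memcpy(rx, expected_mac, MAC_LEN);
    if (pos < MAC_LEN)
        rx[pos] ^= 0xff;
    return rx;
}

int main(void)
{
    size_t pos;
    for (pos = 0; pos <= MAC_LEN; pos += 4)
        printf("first mismatch at %2zu: early-exit read %2zu bytes, ct=%d\n", pos,
               early_exit_steps(received(pos), expected_mac, MAC_LEN),
               ct_compare(received(pos), expected_mac, MAC_LEN) != 0);
    return 0;
}
```

The early-exit byte count tracks the position of the first mismatch, while `ct_compare` does the same work for every input and only reports match or mismatch.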



