Describe the bug: Password comparison in encryption code may leak timing information. Allows offline timing attack on encrypted data to guess password.
To reproduce:
- Capture encrypted config file
- Script password guessing with timing measurement
- Timing variations reveal password characters
- Brute force becomes more efficient
Expected behavior:
- Use constant-time comparison (subtle.ConstantTimeCompare)
- Ensure Argon2 parameters prevent timing leaks
- Add rate limiting to password attempts
- Consider authentication tag before decryption
Additional context:
- File: config/encryption.go
- Use crypto/subtle for comparisons
- Review entire auth flow for timing leaks
- Severity: Medium - offline attack vector
- Complexity: Medium - cryptography expertise needed
- Related: CWE-208 timing side channel
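An added example (not code from config/encryption.go or from this project) of the two fixes requested above: check an authentication tag with `subtle.ConstantTimeCompare` and only then decrypt. The names `sealTag`, `verifyTag`, `openConfig` and `ErrAuth` are hypothetical, HMAC-SHA256 is an assumed tag construction, and the MAC key is assumed to come from the password KDF, which is not shown.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// ErrAuth is the single error for every verification failure, so a caller
// cannot tell a wrong password from a modified file.
var ErrAuth = errors.New("config: authentication failed")

// sealTag computes HMAC-SHA256 over the ciphertext. macKey is assumed to be
// derived from the password by the KDF (hypothetical helper, not project code).
func sealTag(macKey, ciphertext []byte) []byte {
	m := hmac.New(sha256.New, macKey)
	m.Write(ciphertext)
	return m.Sum(nil)
}

// verifyTag recomputes the tag and compares without an early exit on the first
// differing byte. Only the tag length, which is public, affects timing.
func verifyTag(macKey, ciphertext, tag []byte) error {
	want := sealTag(macKey, ciphertext)
	if subtle.ConstantTimeCompare(want, tag) != 1 {
		return ErrAuth
	}
	return nil
}

// openConfig calls decrypt only after the tag verifies, so no
// plaintext-dependent work is done on unauthenticated input.
func openConfig(macKey, ciphertext, tag []byte, decrypt func([]byte) ([]byte, error)) ([]byte, error) {
	if err := verifyTag(macKey, ciphertext, tag); err != nil {
		return nil, err
	}
	return decrypt(ciphertext)
}

func main() {
	// Constructed sample values; the decrypt callback is a placeholder.
	key, ct := []byte("constructed-demo-mac-key"), []byte("constructed ciphertext")
	tag := sealTag(key, ct)
	_, err := openConfig(key, ct, tag, func(c []byte) ([]byte, error) { return c, nil })
	fmt.Println("valid tag error:", err)
}
```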