You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The first part can be used to query the token information from the database. If this part is faulty, nothing can be retrieved, and an error response can be sent. That is exactly as it is now.
That part might be vulnerable to timing attacks against SQLite’s WHERE clause. This means it would take slightly longer to deny a token starting with a known character, versus one without. (See this issue for a similar thing, and the links therein.) Over time the entire valid token can be found.
Mintoken can use the first part of the token to retrieve the second part of the token from the database. Then PHP can do a constant time comparison between the submitted second part and the second part from the database.
This means the second part is protecting us from timing attacks. Even if an attacker has used timing attacks to discover the complete first part of the token, the same attack can not be used against the second part. This protects the entire token against timing attacks.
The text was updated successfully, but these errors were encountered:
The token should consist of two parts:
The first part can be used to query the token information from the database. If this part is faulty, nothing can be retrieved, and an error response can be sent. That is exactly as it is now.
That part might be vulnerable to timing attacks against SQLite’s
WHEREclause. This means it would take slightly longer to deny a token starting with a known character, versus one without. (See this issue for a similar thing, and the links therein.) Over time the entire valid token can be found.Mintoken can use the first part of the token to retrieve the second part of the token from the database. Then PHP can do a constant time comparison between the submitted second part and the second part from the database.
This means the second part is protecting us from timing attacks. Even if an attacker has used timing attacks to discover the complete first part of the token, the same attack can not be used against the second part. This protects the entire token against timing attacks.
The text was updated successfully, but these errors were encountered: