Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72402 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 81007 invoked from network); 8 Feb 2014 13:55:46 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 8 Feb 2014 13:55:46 -0000 Authentication-Results: pb1.pair.com header.from=nikita.ppv@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=nikita.ppv@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.214.172 as permitted sender) X-PHP-List-Original-Sender: nikita.ppv@gmail.com X-Host-Fingerprint: 209.85.214.172 mail-ob0-f172.google.com Received: from [209.85.214.172] ([209.85.214.172:51022] helo=mail-ob0-f172.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 31/32-65299-16736F25 for ; Sat, 08 Feb 2014 08:55:45 -0500 Received: by mail-ob0-f172.google.com with SMTP id vb8so5367762obc.3 for ; Sat, 08 Feb 2014 05:55:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=F7fQpMggvZ/N40epw4ryqm0rPBsyQ3zhyu026sHNEzI=; b=XXYqWSVUefNb+f4Fav7PS2uIhzPMs9hVc66XvthFwr14MnhydgxOqc9SIsP9LY3KL2 sy8d6tte4/WrJtqvZUpsEf8xJSIZiC8MR4qLEEH4yXQgFgbvrJi58QLEet/VAdW8MWXL 71p+WXhSC9nYGW0EEuiXmNkqBUfwPGUEZ7nPHGV30mS6hbu9HnsU52BTFxUAWCqDOlAC b9dOwyYwlBKiOvzNk+KIa0mtmssaYoU3JRjS/pVzgDeK8rCl13y0O7DnGgbxkGmwFbSz Zfgb6RvnF9L9xIUlOBwTrXhPCXUo3HC+429ImfhZ4hRjNNqbNoGxRLmUDayNsNfWyeXy iwSw== MIME-Version: 1.0 X-Received: by 10.60.98.174 with SMTP id ej14mr17889547oeb.16.1391867742536; Sat, 08 Feb 2014 05:55:42 -0800 (PST) Received: by 10.182.54.112 with HTTP; Sat, 8 Feb 2014 05:55:42 -0800 (PST) In-Reply-To: <52F62B61.7030305@lsces.co.uk> References: <52F61A78.1020401@lsces.co.uk> <52F62B61.7030305@lsces.co.uk> Date: Sat, 8 Feb 2014 14:55:42 +0100 Message-ID: To: Lester Caine Cc: PHP internals Content-Type: multipart/alternative; boundary=089e0122912c5e48cc04f1e576b9 Subject: Re: [PHP-DEV] Security Diligence From: nikita.ppv@gmail.com (Nikita Popov) --089e0122912c5e48cc04f1e576b9 Content-Type: text/plain; charset=ISO-8859-1 On Sat, Feb 8, 2014 at 2:04 PM, Lester Caine wrote: > Hopefully to put some of the discussions into context of where they fit in > the real world. Is the 'timing attack' or problems created by an 'insecure' > random number a practical proposition? The only physical proof that I have > seen presented for the 'timing attack' is 10 years old and relates to a > 'small local network'? Processor speed has increased a little in 10 years > and we now tend to work in 64bit chunks rather than 8 or 16bit? Although > that does also enhance the power of the hackers ... So discussing something > based on timing 8bit characters seems a little strange? Firebird code > dropped the 10 year old process a few versions back. I was trying to > establish where the risk was in PHP and while I am more than happy it does > not exist in my own applications, while it remains an 'unpatched security > risk' others will not accept that fact. What is still missing from the > discussion is the level of risk these 'security problems' present? > Grounding the security RFC's in a little factual base would be appreciated > so that proper defence can be presented when required. Obviously 'fix in X' > is ideal, but only if the full risk has been assessed? > If your system has many other open security concerns, then yes, timing attacks are most certainly the least of your worries and you are very welcome to ignore this issue until you have resolved the more pressing ones. While I certainly appreciate working with secure software, it is not a concern of this mailing list or its members whether or not you implement mitigations against certain cryptographic attacks. It *is* however our concern to provide the necessary means for the people who *do* wish to implement the necessary safe-guards. Also, I strongly suspect that you don't have sufficient cryptanalytic background to assess the severity of certain attack vectors. While remote string comparison timing attacks might be considered an exotic concern by some people, usage of an unsuitable random number generator in the wrong context is a most severe and typically easily exploitable vulnerability. Dismissing it so easily certainly creates the impression that you have a somewhat skewed perception of the severity of some attacks. You might consider the possibility that your security consultant, given his line of work, has a better understanding of application security than you do. Thanks, Nikita --089e0122912c5e48cc04f1e576b9--