Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72498 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 87992 invoked from network); 12 Feb 2014 07:02:20 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 12 Feb 2014 07:02:20 -0000 Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.215.43 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.215.43 mail-la0-f43.google.com Received: from [209.85.215.43] ([209.85.215.43:56780] helo=mail-la0-f43.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id F8/62-07280-A7C1BF25 for ; Wed, 12 Feb 2014 02:02:19 -0500 Received: by mail-la0-f43.google.com with SMTP id pv20so6700482lab.16 for ; Tue, 11 Feb 2014 23:02:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=nSWFPoz1m3NVv24+VqVbSUV8X2XjzbcqTLG7NPFkZLI=; b=oNf85sHdhamV9TyTj23Smq+gtdIQeguwmBBRj6nGvSKoTQo4JLRX4f/gA5/F7PN0VO LldEl2l8CqPIC8HLXQhfGN6znUKunxISud9GHgE5FNQC6AOidtPUy6V/+P+q/OkQIe7k YMCncCpO4biRxg3hCTHfv1p91+daA2fY5pkPXc4qW8DxSvBmplq0W+IwO/KKQmKEUptT x75r6zJeah3nwoCmNVmoBEmoJ9+imtCi7LRDKTc66BrCFYbZV/nakSkgOutZ1tSFgEAj U8aALXF8pPiWiNY1NDkNS7w6MHjv34lqQStMJWZYCeD4wDCcDbqQWsApZFUuE9OXT7M6 U9Qw== X-Received: by 10.152.120.37 with SMTP id kz5mr26610459lab.30.1392188535208; Tue, 11 Feb 2014 23:02:15 -0800 (PST) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.112.199.37 with HTTP; Tue, 11 Feb 2014 23:01:35 -0800 (PST) In-Reply-To: <52F895CB.2020308@lsces.co.uk> References: <9E3AA302-1EC1-4497-996F-716555CAAB64@rouvenwessling.de> <52F895CB.2020308@lsces.co.uk> Date: Wed, 12 Feb 2014 16:01:35 +0900 X-Google-Sender-Auth: uzMakLY32FIq6Y_2hnFS88lHyUg Message-ID: To: Lester Caine Cc: "internals@lists.php.net" Content-Type: multipart/alternative; boundary=089e0122814819ff1104f230277e Subject: Re: [PHP-DEV] [VOTE] Timing attack safe string comparison function From: yohgaki@ohgaki.net (Yasuo Ohgaki) --089e0122814819ff1104f230277e Content-Type: text/plain; charset=UTF-8 Hi Lester, On Mon, Feb 10, 2014 at 6:03 PM, Lester Caine wrote: > Yasuo Ohgaki wrote: > >> Added yet another function to compare suggested by Lester. >> >> bool str_word_compare(str, str) >> >> This function compares data word by word rather than byte by byte. >> It supposed to be faster for large data. >> > > Yasuo ... you seem to be missing the point, and I'm not quite sure where > all these different hash compares come from but ... > > bool memequ() should only return true or false and simply compare 'word by > word' be that 32bit or 64bit words. There should be nothing in the macro > than an word XOR, and buffers should be padded to the right boundary. It is > the processing of unnecessary byte related data which is adding back in > your 'insecurity', but it is also adding extra unnecessary processing. > > The point about 'memequ' is that it should both speed up any use of memcpy > where there is no need to return anything other than a match ... it is the > subsequent search to find the '' byte which even introduces the timing > attack ... and it also makes these compares unicode safe! So that it is > only the compares that need the fine result that then need handling for a > full unicode installation. The reason why word version of comparison function(str_word_compare) does not simply compare word by word, is alignment. We cannot assume word aligned data for strings. This is the reason why there is additional byte by byte comparison. It could be made to align memory to word size, but it requires memory allocation for comparison. I'm not sure which is better, though. Regards, BTW, byte by byte part comparison can be optimized by switch since unaligned data is only up to 7 bytes. -- Yasuo Ohgaki yohgaki@ohgaki.net --089e0122814819ff1104f230277e--