[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is a constant time string compare necessary?

To: scrypt@tarsnap.com
Subject: Is a constant time string compare necessary?
From: Laurens Van Houtven <_@lvh.io>
Date: Tue, 3 Dec 2013 20:55:47 +0100
Sender: _@lvh.cc

Hi!

I've asked this question before in an earlier thread about the canonical way to use scrypt, but I don't think it was ever answered; apologies if I missed the answer.

When comparing the result of the scrypt KDF to a previously computed & stored value (say, in the context of a stored password), is it necessary to compare the two strings in constant time?

cheers
lvh

Follow-Ups:
- Re: Is a constant time string compare necessary?
  - From: Solar Designer <solar@openwall.com>

Prev by Date: Re: scrypt with "odd" r or N (Re: Canonical way to invoke the KDF?)
Next by Date: Re: Is a constant time string compare necessary?
Previous by thread: Canonical way to invoke the KDF?
Next by thread: Re: Is a constant time string compare necessary?
Index(es):
- Date
- Thread