From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with archive (Exim 4.43)
	id 1N7YL5-00028u-9R
	for mharc-grub-devel@gnu.org; Mon, 09 Nov 2009 12:47:39 -0500
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1N7YL3-00027g-M9
	for grub-devel@gnu.org; Mon, 09 Nov 2009 12:47:37 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1N7YKy-000235-Bq
	for grub-devel@gnu.org; Mon, 09 Nov 2009 12:47:36 -0500
Received: from [199.232.76.173] (port=38602 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1N7YKy-00022r-3o
	for grub-devel@gnu.org; Mon, 09 Nov 2009 12:47:32 -0500
Received: from esemetz.metz.supelec.fr ([193.48.224.212]:53771)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <thomas@duboucher.eu>) id 1N7YKx-0000nc-I3
	for grub-devel@gnu.org; Mon, 09 Nov 2009 12:47:31 -0500
Received: from mx1.metz.supelec.fr (mx1.metz.supelec.fr [193.48.224.216])
	by esemetz.metz.supelec.fr (8.14.1/8.14.1) with ESMTP id nA9HlMxK004374
	for <grub-devel@gnu.org>; Mon, 9 Nov 2009 18:47:22 +0100
Received: from [127.0.0.1] (Java_cJ@duboucher.rez-metz.supelec.fr
	[193.48.225.222] (may be forged))
	by mx1.metz.supelec.fr (8.14.1/8.14.1) with ESMTP id nA9HlGLr007086
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
	for <grub-devel@gnu.org>; Mon, 9 Nov 2009 18:47:17 +0100
Message-ID: <4AF85568.7080105@duboucher.eu>
Date: Mon, 09 Nov 2009 18:46:16 +0100
From: Duboucher Thomas <thomas@duboucher.eu>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: The development of GNU GRUB <grub-devel@gnu.org>
References: <20091109010422.GA23417@thorin>	<ca0f59980911090533r5cb2f242h76b0f78437891ea9@mail.gmail.com>	<4AF81E2C.2090700@gmail.com>	<ca0f59980911090621r1529cfa3sff29fbf03b197e14@mail.gmail.com>
	<4AF82868.6090803@gmail.com>
In-Reply-To: <4AF82868.6090803@gmail.com>
X-Enigmail-Version: 0.96.0
OpenPGP: id=A79F86A8
Content-Type: text/plain; charset=ISO-8859-1
X-Virus-Scanned: ClamAV 0.94.1/9999/Sat Nov 7 09:23:30 2009 on
	mx1.metz.supelec.fr
X-Virus-Status: Clean
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0
	(esemetz.metz.supelec.fr [193.48.224.212]);
	Mon, 09 Nov 2009 18:47:22 +0100 (CET)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0
	(mx1.metz.supelec.fr [193.48.224.216]);
	Mon, 09 Nov 2009 18:47:22 +0100 (CET)
Content-Transfer-Encoding: quoted-printable
X-MIME-Autoconverted: from 8bit to quoted-printable by esemetz.metz.supelec.fr
	id nA9HlMxK004374
X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 3)
Subject: Re: Imminent bugfix release (1.97.1)
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: The development of GNU GRUB <grub-devel@gnu.org>
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2009 17:47:38 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Vladimir 'phcoder' Serbinenko a =E9crit :
> Bean wrote:
>> On Mon, Nov 9, 2009 at 9:50 PM, Vladimir 'phcoder' Serbinenko
>> <phcoder@gmail.com> wrote:
>>  =20
>> Hi,
>>
>> int
>> grub_auth_strcmp (const char *s1, const char *s2)
>> {
>>   int ret;
>>   grub_uint64_t end;
>>
>>   end =3D grub_get_time_ms () + 100;
>>   ret =3D grub_strcmp (s1, s2);
>>
>>   /* This prevents an attacker from deriving information about the
>>      password from the time it took to execute this function.  */
>>   while (grub_get_time_ms () < end);
>>
>>   return ret;
>> }
>>
>> Isn't this 100 ms ? Anyway, the longest supported string is 1024 long,
>> I doubt there is any perceivable difference between them.
>>
>>  =20
> If attacker is on fast serial connection he could possibly measure the
> difference
>=20

Hi,

	I'm not very confident in this piece of code. I would rather go with
something like

int
grub_auth_strcmp (const char *s1, const char *s2)
{
  int n;
  volatile int ret =3D 0;

  for (n =3D grub_strlen (s1); n >=3D 0; n--)
  {
    if (*s1 !=3D *s2)
      ret |=3D 1;
    else
      ret |=3D 0;

    s1++; s2++;
  }

  return ret;
}

	Ok, I typed this in a few minutes and I'm not confident either with
what I wrote; I would check that it works first. ;)
	But the point here is that whatever the user gives as an input, it is
executed exactly n-th times, n being the length of the user input; and
that whatever the result of the 'if' statement is, the CPU realizes the
same amount of operations. By doing so, the attacker will only find out
how long it takes to make the comparison with a n caracters long input.

	Thomas.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkr4VWgACgkQBV7eXqefhqhcIQCgpviYSvNqGqH3fi2Td4QChsam
JWQAni9R7zOWFMGBu5X9rXWOjenIXx31
=3Dvnph
-----END PGP SIGNATURE-----