perl.perl5.porters | Postings from October 2003

Re: Hypothetical attack on 5.8.1 randomized hashes.

From: Alan Burlison
Date: October 31, 2003 08:05
Subject: Re: Hypothetical attack on 5.8.1 randomized hashes.
Message ID: 3FA2880C.1080007@sun.com
Scott A Crosby wrote:

> Unfortunately for perl, that looks to not be the case. It is true that
> a conventional hash table collision would be too fast for an attacker
> to notice the latency difference. However, Perl allows variable-length
> hash inputs. What if an attacker makes two 1010-character inputs A and
> B which both share the same 1000-character prefix, and sends them
> as part of a POST request handled by mod_perl. Then if there was a
> hash collision, a strcmp() would be done. Benchmarking, that takes
> 5000ns. When can an attacker discriminate that 5000ns additional latency?
> 
> I'm not completely sure, but indications are that, at least over a few
> hops on a local area network, this looks to be possible. If an
> attacker cannot, they can always increase the length of the common
> prefix to create a larger strcmp() latency difference. At some length
> they will succeed.

You have forgotten one crucial bit of the equation - the OS scheduler.  Most 
scheduler ticks are in the 50-100Hz range, so that will add orders of 
magnitude more jitter than rehashing.  Plus Apache 1.x runs as multiple 
processes, so you can't be sure that your probes will hit the same process 
all the time anyway, which is going to add even more jitter.

-- 
Alan Burlison
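The quantity behind the strcmp() latency both posters argue about is how many key bytes a bucket lookup has to examine. The model below is an added example, not code from this thread or from Perl's own hash implementation; it assumes (as Perl does) that the stored hash value and key length are checked before any bytes are compared, and it uses the thread's constructed 1010-character keys with a 1000-character common prefix.

```python
"""Constructed model of a hash bucket lookup that counts key bytes compared.

Assumptions (not taken from the thread): the bucket stores (hash, key, value)
tuples, the hash value and key length are checked before the byte comparison,
and the byte comparison exits on the first mismatch like memcmp()/strcmp().
"""
from dataclasses import dataclass, field


@dataclass
class Bucket:
    entries: list = field(default_factory=list)  # list of (hash, key, value)


def count_compare(a: bytes, b: bytes) -> tuple[bool, int]:
    """Byte-by-byte comparison with early exit.
    Returns (equal, number_of_bytes_examined)."""
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:
            return False, examined
    return len(a) == len(b), examined


def lookup(bucket: Bucket, h: int, key: bytes):
    """Return (value or None, total key bytes examined during the lookup)."""
    compared = 0
    for eh, ek, ev in bucket.entries:
        if eh != h or len(ek) != len(key):
            continue  # no collision: the key bytes are never touched
        eq, n = count_compare(ek, key)
        compared += n
        if eq:
            return ev, compared
    return None, compared


def demo() -> tuple[int, int, int]:
    """Bytes examined for three constructed probes against one stored key."""
    prefix = b"A" * 1000
    stored = prefix + b"0123456789"       # 1010-byte key A
    probe_long = prefix + b"9876543210"   # key B: same 1000-byte prefix
    probe_short = b"Z" + stored[1:]       # same length, differs at byte 0
    bucket = Bucket([(0x1234, stored, "v")])
    _, n_long = lookup(bucket, 0x1234, probe_long)    # collision, long prefix
    _, n_short = lookup(bucket, 0x1234, probe_short)  # collision, early mismatch
    _, n_nocoll = lookup(bucket, 0x5678, probe_long)  # different hash value
    return n_long, n_short, n_nocoll  # -> (1001, 1, 0)
```

The comparison cost, and therefore the latency difference the thread discusses, exists only when the hashes collide and grows with the shared prefix; with a hash that does not collide, no key bytes are compared at all, which is what 5.8.1's randomized hashing is meant to make hard to arrange.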