1文字比較に1msかかるとした場合、パスワードの長さによって比較にかかる時間が1ms x 文字列のように法則性が出てくる。
攻撃者にパスワードの長さを予測させてしまう。
The equality (==) operator works on strings by comparing byte by byte. For example, say we have two hashes h1'
98b502005cea3919dfe4a615d690b257d08e6f2dand h2'98C502005cea3919dfe4a615d690b257d08e6f2dand let’s suppose it takes 1ms to compare each pair of characters and 40ms to compare both hashes against each other. The equality operator would stop at the first comparison where both elements are different (in this case, elementsbandCat index 3) and return, only taking 3ms.copy
1 2 3 498b502005cea3919dfe4a615d690b257d08e6f2d ^^! 98C502005cea3919dfe4a615d690b257d08e6f2d ^^!The problem is that with the information gathered, the attacker can figure out which character he got wrong and continue trying to guess the decryption key. If we have used a constant time compare function, the whole compare process would’ve taken around the same amount of time no matter the hash’s contents, in this example, 40ms.
