[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #66603] grub_crypto_memcmp side-channel
|
From: |
Jonathan Bar Or ("JBO") |
|
Subject: |
[bug #66603] grub_crypto_memcmp side-channel |
|
Date: |
Fri, 27 Dec 2024 11:22:45 -0500 (EST) |
URL:
<https://savannah.gnu.org/bugs/?66603>
Summary: grub_crypto_memcmp side-channel
Group: GNU GRUB
Submitter: yo_yo_yo_jbo
Submitted: Fri 27 Dec 2024 04:22:41 PM UTC
Category: Security
Severity: Major
Priority: 5 - Normal
Item Group: Software Error
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: other
Release:
Reproducibility: None
Planned Release: None
_______________________________________________________
Follow-up Comments:
-------------------------------------------------------
Date: Fri 27 Dec 2024 04:22:41 PM UTC By: Jonathan Bar Or ("JBO")
<yo_yo_yo_jbo>
The cryptographic comparison function "grub_crypto_memcmp" is susceptible to
side-channel attack due to the "if" condition when comparing bytes:
if (*pa != *pb)
counter++;
The recommended way would be the following:
int
grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
{
register grub_uint8_t indicator = 0;
grub_uint8_t* pa = a, *b = b;
grub_size_t i;
for (i=0; i<n;i++)
indicator |= (pa[i] ^ pb[i]);
return !!indicator;
}
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66603>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
- [bug #66603] grub_crypto_memcmp side-channel,
Jonathan Bar Or ("JBO") <=