mitigate sidechannel timing attack for basic auth

Information on whether a user with a given handle exists or not could be
collected by checking the difference between response times of
auth-required endpoints with and without a real handle being passed into
Basic auth. This is because the time-expensive password hash would only
be computed for users that exist, lengthening the response time. In
local testing, this was a difference of 8ms vs. 35-60ms.

A hash is now computed even if a user with the requested handle doesn't
exist, mitigating the issue and leaving only negligible differences
in between all response times, from which no information can be obtained.
2026-02-24 14:49:30 +01:00
parent f6feec2469
commit 5a92740785
2 changed files with 19 additions and 3 deletions


@@ -20,6 +20,10 @@ pub trait UserPasswordHashing {
/// Returns whether the password matches the hash
fn match_hash_password(passw: &str, hash: &str) -> Result<bool, argon2::password_hash::Error>;
}
pub trait UserAuthDummyData {
const DUMMY_PASSWORD_PHC: &str;
const DUMMY_PASSWORD: &str;
}
#[derive(thiserror::Error, Debug)]
pub enum AuthError {
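Review bot: the new `UserAuthDummyData` trait and its two constants carry no doc comments, unlike the `///`-documented `match_hash_password` just above them; add a comment on `DUMMY_PASSWORD_PHC` stating that it must be a PHC string produced with the same Argon2 parameters (memory cost, iterations, parallelism) as real user hashes, since the whole point of this change is that verifying the dummy hash takes as long as verifying a real one, and a dummy generated with cheaper parameters would reintroduce the measurable gap the commit message describes. It is also worth stating whether `DUMMY_PASSWORD` is expected to match `DUMMY_PASSWORD_PHC` or deliberately not, so that a caller cannot accidentally turn a non-existent handle into a successful login.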