What security vulnerabilities exist when using timing-attack in node applications?

This article analyzes the timing-attack security vulnerability of node applications based on the principle. Friends who are interested can read it for reference.

Preface

If you have encountered an eslint error Potential timing attack in your project, don’t ignore it! This is a security issue: timing attacks.
eslint Error Reason

First of all, eslint introduces a plug-in called eslint-plugin-security. This plug-in helps identify potential security issues, but it can also cause false positives. Attached Plug-in source code address.

var keywords = '((' + [
  'password',
  'secret',
  'api',
  'apiKey',
  'token',
  'auth',
  'pass',
  'hash'
 ].join(')|(') + '))';

 var re = new RegExp('^' + keywords + '$', 'im');

 function containsKeyword (node) {
  if (node.type === 'Identifier') {
   if (re.test(node.name)) return true;
  }
  return
 }
 if (node.test.operator === '==' || node.test.operator === '===' || node.test.operator === '!=' || node.test.operator === '!==') {
  // 在这里 console 出错误
 }

First of all, this plug-in will determine whether the operator this time is ==, ===,! =,! ==One of them, secondly check whether the identifier (field name) contains the special string password, secret, api, apiKey, token, auth, pass, hash. If both conditions are met at the same time, eslint will compile and report an error Potential timing attack .

attack definition

timing attack: Timing attack, which belongs to side channel attack/side channel attack. Side channel attack refers to the use of information outside the channel, such as encryption and decryption. The attack method is based on the data, data comparison time, ciphertext transmission traffic and channels, which is equivalent to "making innuendo".

Attack point

First let’s talk about the principle of js comparing the size of two strings:

• Determine whether the string length is is 0. If it is 0, the result can be directly compared; otherwise, go to the second step.

• Strings are composed of characters and are compared by the charCode of each character.

• In the second step, as long as one character is different, return false, and the remaining characters will not be compared.

The comparison of single characters is very fast. The attacker can refine the measurement time accuracy to microseconds and deduce the starting character from the difference in response time. In this way By experimenting again and again or writing a script in Python to run, you can try out the correct password, and the difficulty of password cracking is also reduced a lot.

Vulnerable writing method

if (user.password === password) {
  return { state: true }; // 登录成功
 }

Defensive measures

Each different input will cause the processing time to be different. To prevent it, we need to make the string comparison take the same amount of time regardless of the password entered.
Writing that is not vulnerable to attacks

The length of each password in the system is fixed. Each time the password is compared to see if it is the same, the length of the correct password is used as the number of comparisons, and XOR is used to compare each character. Check whether the Unicode encodings are equal, and store each comparison result in an array, and finally determine whether each element of the array is 0 (0 means the two characters are the same).

 // psdReceived 为用户输入密码；
 // psdDb 为系统中存储的正确用户密码
 const correctUser = (psdDb, psdReceived) => {
  const state = [];
  for (let i = 0; i < psdDb.length; ++i) {
   if (!psdReceived[i]) {
    state.push(false);
   } else {
    state.push(psdReceived.charCodeAt(i) ^ psdDb.charCodeAt(i));
   }
  }
  return state.length !== 0 && state.every(item => !item);
 }

Three-party package recommendation

You can also use the cryptiles npm module to solve this problem

import cryptiles from 'cryptiles';

......
return cryptiles.fixedTimeCimparison(passwordFromDb, passwordReceived);

The above is what I compiled for everyone. I hope it will be helpful to everyone in the future.

Related articles:

NodeJS parent process and child process resource sharing principles and implementation methods

How to upload images and files in vue Sample code

vue axios form submission example of uploading images

The above is the detailed content of What security vulnerabilities exist when using timing-attack in node applications?. For more information, please follow other related articles on the PHP Chinese website!