Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm not sure I agree that it would matter, but, either way, using a constant-time equality function might have given readers the impression that my code was safe to use. It isn't. That was never the intention. One of my main points was that it's extremely hard to do properly. My (pseudo-code) examples were intended to explain the concepts of salting and stretching. Perhaps it's unfortunate that they're actually valid Python.

People should use proven KDFs for password authentication, not implement their own (including using my SHA-salting/iteration examples.)

Edit: removed "in web apps"



Many timing attacks are viable in web applications. But there aren't timing attacks against password hash comparisons, for obvious reasons.


You're right. That was an unfortunate choice of words.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: