[New-bugs-announce] [issue14532] multiprocessing module performs a time-dependent hmac comparison

Jon Oberheide report at bugs.python.org
Sun Apr 8 22:27:43 CEST 2012

New submission from Jon Oberheide <jon at oberheide.org>:

The multiprocessing module performs a time-dependent comparison of the HMAC digest used for authentication:

def deliver_challenge(connection, authkey):
    import hmac
    assert isinstance(authkey, bytes)
    message = os.urandom(MESSAGE_LENGTH)
    connection.send_bytes(CHALLENGE + message)
    digest = hmac.new(authkey, message).digest()
    response = connection.recv_bytes(256)        # reject large message
    # bytes equality stops at the first differing byte, so the time taken
    # here depends on how long a prefix of the secret digest was matched
    if response != digest:
        raise AuthenticationError('digest received was wrong')

This comparison should be made time-independent so as not to leak information about the expected digest and allow an attacker to derive the full digest.

More info on such timing attacks:


components: Library (Lib)
messages: 157809
nosy: Jon.Oberheide
priority: normal
severity: normal
status: open
title: multiprocessing module performs a time-dependent hmac comparison

Python tracker <report at bugs.python.org>

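The leak the report describes, worked through as an added example that is not part of the report or of CPython's multiprocessing code. Bytes equality in CPython short-circuits at the first mismatching byte, so the work the server does on a rejected response grows with the length of the correctly guessed prefix of the digest. The block below stands in "bytes examined" for elapsed time (a deterministic proxy, so the effect can be shown without noisy measurements), recovers the digest one byte at a time from that signal against the short-circuiting comparison, and shows the same attack failing against a constant-time comparison of the kind hmac.compare_digest (Python 3.3 and later) provides. The MESSAGE_LENGTH constant, the SHA-256 digest and the oracle wrapper are assumptions made for this example, not the module's own interface.

```python
"""Simulated timing attack on a short-circuiting HMAC digest comparison."""
import hashlib
import hmac
import os

# Assumption for this example: nonce length, mirroring the constant the
# multiprocessing challenge uses. Not imported from the module.
MESSAGE_LENGTH = 20


def naive_compare(a, b):
    """Early-exit comparison (what `response == digest` does for bytes).

    Returns (equal, bytes_examined). The second value is the side channel:
    it grows with the length of the matching prefix, as elapsed time would.
    """
    if len(a) != len(b):
        return False, 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:
            return False, examined
    return True, examined


def constant_time_compare(a, b):
    """Examine every byte regardless of where the first mismatch lies.

    The work done no longer depends on the secret. hmac.compare_digest is
    the library equivalent and is what a fix should call.
    """
    if len(a) != len(b):
        return False, 0
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y
    return diff == 0, len(a)


def recover_digest(oracle, length):
    """Attacker: rebuild the expected digest byte by byte from the oracle.

    oracle(candidate) -> (accepted, work). Returns the digest, or None when
    every guess costs the same and the oracle therefore leaks nothing.
    """
    known = b""
    for pos in range(length):
        work = {}
        for guess in range(256):
            candidate = known + bytes([guess]) + bytes(length - pos - 1)
            accepted, cost = oracle(candidate)
            if accepted:
                return candidate
            work[guess] = cost
        baseline = min(work.values())
        # Only the correct byte extends the matching prefix past `pos`,
        # so it is the single guess that costs more than the others.
        winners = [g for g, cost in work.items() if cost > baseline]
        if len(winners) != 1:
            return None
        known += bytes([winners[0]])
    return None


def make_server(compare):
    """Server side of the challenge, reduced to the comparison under test.

    Returns (expected_digest, oracle); the attacker sees only the oracle.
    Assumption: SHA-256 is used so the digest choice is explicit.
    """
    authkey = os.urandom(32)
    message = os.urandom(MESSAGE_LENGTH)  # the CHALLENGE nonce
    digest = hmac.new(authkey, message, hashlib.sha256).digest()

    def oracle(response):
        return compare(response, digest)

    return digest, oracle


def attack_succeeds(compare):
    """Run the full attack against a server using `compare`."""
    digest, oracle = make_server(compare)
    return recover_digest(oracle, len(digest)) == digest


if __name__ == "__main__":
    print("naive compare leaks digest:", attack_succeeds(naive_compare))
    print("constant-time compare leaks digest:",
          attack_succeeds(constant_time_compare))
```

Run as a script it reports True for the short-circuiting comparison and False for the constant-time one. In a real deployment the per-byte difference is a few nanoseconds and must be averaged over many requests, but the structure of the attack is the same, which is why the fix is to remove the data-dependent early exit rather than to add noise.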