E.g.: XORing the candidate against stored then comparing against 0.
Do I need to worry?
(my question is much in the same style as this question: Does bcrypt compare the hashes in "length-constant" time?)
Asked
Active
Viewed 35 times
0
-
@TerryChia: I already referenced that question. My question is about **s**crypt, not **b**crypt. – A T Apr 20 '14 at 09:34
-
And which part of the accepted answer isn't clear? No, timing attacks aren't really relevant to hashing. – Apr 20 '14 at 09:35
-
3@AT My answer on that question applies to Scrypt as well – Adi Apr 20 '14 at 09:41
-
Scrypt itself has far worse timing issues internally. Unlike timing issues with comparison those might actually give an advantage to an attacker in some situations. – CodesInChaos Apr 21 '14 at 08:46