rfc:timing_attack

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
rfc:timing_attack [2014/02/02 22:46]
realityking
rfc:timing_attack [2014/04/13 21:33]
realityking
Line 1: Line 1:
  
 ====== Request for Comments: Timing attack safe string comparison function ====== ====== Request for Comments: Timing attack safe string comparison function ======
-  * Version: 1.o+  * Version: 1.0
   * Date: 2013-12-22   * Date: 2013-12-22
-  * Author: Rouven Weßling, me@rouvenwessling +  * Author: Rouven Weßling, me@rouvenwessling.de 
-  * Status: ​Under Discussion+  * Status: ​Implemented in 5.6 as hash_equals()
   * First Published at: http://​wiki.php.net/​rfc/​timing_attack   * First Published at: http://​wiki.php.net/​rfc/​timing_attack
  
Line 43: Line 43:
 ===== Vote ===== ===== Vote =====
  
-<doodle title="​Timing attack safe string comparison function"​ auth="​realityking"​ voteType="​single"​ closed="​false">+<doodle title="​Timing attack safe string comparison function"​ auth="​realityking"​ voteType="​single"​ closed="​true">
    * Yes    * Yes
    * No    * No
Line 60: Line 60:
   * 0.1 Initial publication   * 0.1 Initial publication
   * 0.2 Renamed to hash_compare,​ added link to Zend Framework 2, removed information leak when knownString is empty (Thank you Tjerk)   * 0.2 Renamed to hash_compare,​ added link to Zend Framework 2, removed information leak when knownString is empty (Thank you Tjerk)
- * 1.0 Moved function to ext/hash. Started voting.+  ​* 1.0 Moved function to ext/hash. Started voting.
rfc/timing_attack.txt · Last modified: 2017/09/22 13:28 (external edit)