Trying to understand this function from Go, why create a function that always works in constant time and how does it work?

I came across the following function in the crypto/subtle package, which aroused a lot of curiosity in me, and I would like someone to explain the purpose behind it. Thanks,

```go
// ConstantTimeByteEq returns 1 if x == y and 0 otherwise.
func ConstantTimeByteEq(x, y uint8) int {
	z := ^(x ^ y)
	z &= z >> 4
	z &= z >> 2
	z &= z >> 1

	return int(z)
}
```
+8
1 answer

It prevents timing attacks against cryptosystems: any code path takes exactly the same amount of time.

If you are careless about time, you open a side channel that leaks information about your secret. For example, you can determine that the first character of the password is “R” because the system takes 10ns longer if your incorrect password starts with “R”. Repeat with the following character until you find the password.

The implementation of cryptography is really complex. It is actually very difficult.

+16
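An added example, not part of the original answer and not Go's own source: it checks the bit-folding routine from the question against `==` for every input pair, then contrasts an early-exit comparison with one that touches every byte. The names `byteEq`, `verifyByteEq`, `leakyEqual` and `constantTimeEqual`, the step counters and the sample strings are constructed for illustration.

```go
package main

import "fmt"

// byteEq is the routine from the question: 1 if x == y, 0 otherwise.
func byteEq(x, y uint8) int {
	z := ^(x ^ y) // a bit is 1 only where x and y agree
	z &= z >> 4   // fold the high nibble onto the low nibble
	z &= z >> 2
	z &= z >> 1 // bit 0 is now the AND of all eight bits
	return int(z)
}

// verifyByteEq checks byteEq against == for all 65536 input pairs.
func verifyByteEq() bool {
	ok := true
	for i := 0; i < 1<<16; i++ {
		x, y := uint8(i>>8), uint8(i)
		ok = ok && (byteEq(x, y) == 1) == (x == y)
	}
	return ok
}

// leakyEqual stops at the first mismatch; steps counts the bytes it examined.
func leakyEqual(a, b []byte) (equal bool, steps int) {
	for i := 0; i < len(a) && i < len(b); i++ {
		steps++
		if a[i] != b[i] {
			return false, steps
		}
	}
	return len(a) == len(b), steps
}

// constantTimeEqual examines every byte and never branches on their values.
func constantTimeEqual(a, b []byte) (equal bool, steps int) {
	if len(a) != len(b) {
		return false, 0 // assumption: the length is not secret
	}
	var diff uint8
	for i := range a {
		diff |= a[i] ^ b[i] // stays 0 only if every byte matches
	}
	return byteEq(diff, 0) == 1, len(a)
}

func main() {
	s, g := []byte("Rosebud1"), []byte("RosebuX1") // constructed sample values
	fmt.Println(verifyByteEq(), fmt.Sprint(leakyEqual(s, g)), fmt.Sprint(constantTimeEqual(s, g)))
}
```

The amount of work `leakyEqual` does depends on how many leading bytes match, which is the signal a timing measurement picks up; `constantTimeEqual` does the same work for every guess. In real code, use `subtle.ConstantTimeCompare` from `crypto/subtle` rather than a hand-written loop.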