Comment by ZiiS
6 days ago
I am not confident enough in this area to report a vulnerability; the networking alone probably makes timing impractical. I thought it was now practical to generate known-prefix SHA-256, so some information could be extracted? Not enough to compromise, but the function is right there.
Learning a prefix of the hash doesn't really get you anywhere. The hash itself isn't a secret -- it could be published publicly without breaking the security model. You still need to derive a token that hashes to that value in full, and if you can do that then you've broken the hash algorithm by definition.
Say I got a memory dump from the client system. I don't know what is what, but the secret is in there somewhere.
Filtering it down by the hash prefix locally is much less likely to be detected than spamming the servers.
Yes, I guess, if you trust the hash implementation completely; I just favour a bit more defence in depth.
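The "filter a memory dump by a known hash prefix" idea discussed in the comments above, as an added example that is not part of the thread and not anyone's real tooling: the dump, the secret token and the decoy strings are all constructed here, the candidate extraction is a toy version of what `strings` does, and names such as `build_fake_dump`, `find_candidates` and `verify_token` are this example's own. It shows what a prefix buys an attacker who already holds the dump (it narrows the candidate list, with false positives that shrink as the known prefix grows) and what it does not (only a full-digest comparison identifies the token).

```python
"""Simulated hash-prefix filtering of a memory dump (added example, constructed data)."""
import hashlib
import hmac
import random
import re
import string

# Toy `strings`: runs of printable ASCII at least MIN_LEN bytes long.
MIN_LEN = 16
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)

# Constructed secret standing in for the client's real token (hypothetical value).
SECRET_TOKEN = "tok_7f3a9c1e5b2d4860a1c3e5f7b9d2e4f6"
SECRET_HASH = hashlib.sha256(SECRET_TOKEN.encode()).hexdigest()


def build_fake_dump(seed: int = 1, n_decoys: int = 4000) -> bytes:
    """Build a constructed 'memory dump': random binary filler interleaved with
    NUL-separated token-like decoy strings, with SECRET_TOKEN embedded once."""
    rng = random.Random(seed)
    alphabet = string.ascii_letters + string.digits
    insert_at = rng.randrange(n_decoys)
    chunks = []
    for i in range(n_decoys):
        filler_len = rng.randrange(4, 64)
        chunks.append(bytes(rng.getrandbits(8) for _ in range(filler_len)))
        if i == insert_at:
            s = SECRET_TOKEN
        else:
            s = "tok_" + "".join(rng.choice(alphabet) for _ in range(32))
        # NUL on both sides so filler bytes never merge into the printable run.
        chunks.append(b"\x00" + s.encode() + b"\x00")
    return b"".join(chunks)


def find_candidates(dump: bytes, hash_prefix: str) -> list:
    """Extract printable runs from the dump and keep those whose SHA-256 hex digest
    starts with hash_prefix. A short prefix leaves false positives; the true token
    is always among the survivors, but so is any decoy whose digest happens to
    share the prefix (roughly 1 in 16**len(hash_prefix) of them)."""
    hits = []
    for m in PRINTABLE_RUN.finditer(dump):
        cand = m.group().decode("ascii")
        if hashlib.sha256(cand.encode()).hexdigest().startswith(hash_prefix):
            hits.append(cand)
    return hits


def verify_token(candidate: str, full_hash_hex: str) -> bool:
    """What the server-side check has to do: compare the whole digest, in constant time."""
    digest = hashlib.sha256(candidate.encode()).hexdigest()
    return hmac.compare_digest(digest, full_hash_hex)


if __name__ == "__main__":
    dump = build_fake_dump()
    total = len(PRINTABLE_RUN.findall(dump))
    for k in (2, 4, 8):
        hits = find_candidates(dump, SECRET_HASH[:k])
        print(f"known prefix of {k} hex chars: {len(hits)} of {total} strings survive, "
              f"secret present: {SECRET_TOKEN in hits}")
    survivors = find_candidates(dump, SECRET_HASH[:2])
    print("after full-digest check:", [c for c in survivors if verify_token(c, SECRET_HASH)])
```

The filter is purely local, which is the point made in the thread about detection: nothing touches the server until a candidate is tried. The prefix only reduces how many candidates are left to try; turning a candidate into a confirmed token still requires the full digest to match, and the constant-time comparison in `verify_token` is the side of the check a service would want to keep regardless of how much of the hash is public.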