Affected version of
github.com/robbert229/jwt are vulnerable to Side-channel Attacks.
The library uses the insecure, non-constant string comparison function
strings.Compare(), instead of the time constant string comparison. As a result, the comparison will fail faster when the first characters in the HMAC are incorrect.
An attacker can use this difference to perform a timing attack, essentially allowing them to guess the HMAC one character at a time.
Similar vulnerability was previously found in Google's Keyczar crytographic library.
You can read more about timing attacks in Node.js on the Snyk blog.
- Snyk ID
- 31 Mar, 2015
- 01 Oct, 2017