Rust JWT Library, HMAC Timing Attack, CVE-2024-32650 (Critical)

Listen to this Post

The vulnerability CVE-2024-32650 stems from non-constant-time comparison of HMAC signatures in a Rust JWT library. The `SharedKey::sign()` method used HmacSha256::finalize().into_bytes().to_vec(), which converts the constant-time `CtOutput` wrapper into a standard Vec<u8>. This vector’s subsequent comparison for signature verification uses a standard equality check (==), which short-circuits upon finding the first differing byte. By meticulously measuring the response times for numerous forged signatures, an attacker can perform a timing attack. They can statistically analyze these timings to gradually deduce the correct HMAC signature byte-by-byte, ultimately allowing them to forge a valid JWT token without knowing the secret key.
Platform: Rust crate
Version: jwt-simple
Vulnerability: Timing Attack
Severity: Critical

date: 2024-04-25

Prediction: Patch released

What Undercode Say:

`perf stat` for timing

`==` operator unsafe

`verify_slice` method safe

How Exploit:

Measure response times

Byte-by-byte forgery

Statistical analysis

Protection from this CVE:

Use `verify_slice` method

Retain `CtOutput` wrapper

Constant-time comparisons

Impact:

JWT signature forgery

Authentication bypass

Token manipulation

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top