logo

Incorrect Comparison Logic Granularity

Draft Base
Structure: Simple
Description

This vulnerability occurs when a system compares sensitive data, like passwords or authentication tokens, piece-by-piece instead of as a complete unit. If the comparison stops at the first mismatch, attackers can measure tiny timing differences to gradually guess the correct value.

Extended Description

Developers often implement comparison logic—for passwords, MACs, or challenge responses—by checking each character or byte individually and exiting early when a mismatch is found. This "short-circuit" behavior creates a detectable timing side-channel: each incorrect guess takes slightly longer to fail as more characters match. An attacker can exploit this by systematically trying different values and analyzing response times to reconstruct the secret, piece by piece. To prevent this, always use constant-time comparison functions that process the entire input regardless of content. These functions ensure the comparison takes the same amount of time whether it succeeds or fails, eliminating the timing side-channel. Never roll your own comparison for security-critical data; rely on vetted library functions designed to resist timing attacks.
Common Consequences 1
Scope: ConfidentialityAuthorization

Impact: Bypass Protection Mechanism
Potential Mitigations 1
Phase: Implementation
The hardware designer should ensure that comparison logic is implemented so as to compare in one operation instead in smaller chunks.
Observed Examples 3
CVE-2019-10482Smartphone OS uses comparison functions that are not in constant time, allowing side channels
CVE-2019-10071Java-oriented framework compares HMAC signatures using String.equals() instead of a constant-time algorithm, causing timing discrepancies
CVE-2014-0984Password-checking function in router terminates validation of a password entry when it encounters the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack.
References 1
SCA4n00bz - Timing-based Sidechannel Attacks for Hardware N00bz workshop
Joe Fitzpatrick
https://github.com/securelyfitz/SCA4n00bz
ID: REF-1079
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Technologies:
Not Technology-Specific : Undetermined
Modes of Introduction
Architecture and Design
Implementation
Related Attack Patterns
Related Weaknesses
ChildOf: Observable Timing Discrepancy (CWE-208)
ChildOf: Incorrect Comparison (CWE-697)
Notes
MaintenanceCWE 4.16 removed a demonstrative example for a hardware module because it was inaccurate and unable to be adapted. The CWE team is developing an alternative.