Timing Attack Affecting node-forge package, versions <0.6.33



    Attack Complexity High
    Confidentiality High

    Threat Intelligence

    Exploit Maturity Mature

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID npm:node-forge:20150626
  • published 26 Dec 2016
  • disclosed 25 Jun 2015
  • credit Dave Longley

Introduced: 25 Jun 2015

CVE NOT AVAILABLE CWE-208 Open this link in a new tab

How to fix?

Upgrade node-forge to version 0.6.33 or higher.


node-forge is a JavaScript implementation of network transports, cryptography, ciphers, PKI, message digests, and various utilities. Affected versions of the package are vulnerable to a Timing Attack due to unsafe HMAC comparison. The HMAC algorithm produces a keyed message by pairing a hash function with a cryptographic key. Both the key and a message serve as input to this algorithm, while it outputs a fixed-length digest output which can be sent with the message. Anyone who knows the key can repeat the algorithm and compare their calculated HMAC with one they have received, to verify a message originated from someone with knowledge of the key and has not been tampered with.

The problem begins when trying to compare two HMACs. This is the part of code that handles the comparison:

if(byteArrayA.length != byteArrayB.length) { return false; }
for(int i = 0; i < byteArrayA.length; i++) {
  if(byteArrayA[i] != byteArrayB[i]) { return false; }
return true;

The issue is that the more bytes match in the two arrays, the more comparisons are formed and the longer it'll take to return a result. This may allow attackers to brute force their way into the servers.