[westurner]

Does it say somewhere that non-neteork-io PAM modules are supposed to be constant time?

  def add_noise(t=10):
    time.sleep(t-1)
    time.sleep(
      uniformrandom(min=0,max=1))

Constant time: https://en.wikipedia.org/wiki/Time_complexity#Constant_time

(Re: Short, DES passwords https://en.wikipedia.org/wiki/Triple_DES :

> A CVE released in 2016, CVE-2016-2183 disclosed a major security vulnerability in DES and 3DES encryption algorithms. This CVE, combined with the inadequate key size of DES and 3DES, NIST has deprecated DES and 3DES for new applications in 2017, and for all applications by the end of 2023.[1] It has been replaced with the more secure, more robust AES.

Except for PQ. For PQ in 2022: https://news.ycombinator.com/item?id=32760170 :

> NIST PQ algos are only just now announced: https://news.ycombinator.com/item?id=32281357 : Kyber, NTRU, {FIPS-140-3}? [TLS1.4/2.0?]

[bee_rider]

I'm not sure I follow this comment.

Adding a random amount of time seems like a reasonable thing to do.

Not sure what the links are all about, or the discussion of time complexity... I mean, there isn't an "input size" to talk about big-O scaling anyway, in the case of sudo.

[westurner]

Should the time to complete the (single-character) password-hashing/key-strengthening routine vary in relation to any aspect of the input ?

Timing attacks > Avoidance https://en.wikipedia.org/wiki/Timing_attack