Timing Attack in Django with Hmac Signatures

A timing attack in Django when HMAC signatures are used occurs because signature comparison can short-circuit on the first mismatching byte. If the comparison function returns as soon as a difference is found, an attacker can measure response times to infer how many leading bytes of the supplied signature match the expected signature. This leaks information about a valid signature without needing to know the secret. In Django, this is common when developers compare HMAC digests using Python’s == rather than a constant-time comparison, and when the HMAC is computed over sensitive tokens such as password reset tokens or session identifiers.

Consider a password reset flow where Django generates a token with an HMAC signature. The endpoint might compute hmac.new(key, msg=token, digestmod='sha256').hexdigest() and compare it to the signature included in the request. An attacker can send many guesses and observe that requests with a guessed first byte that matches take slightly longer, because the comparison proceeds further before failing. Over many requests, the attacker can reconstruct the full signature byte by byte. This is a practical concern because HMAC digests are often long enough to make brute-force infeasible, but timing leaks reduce the effective entropy significantly.

The risk is compounded when the HMAC is used for authentication or authorization decisions in unauthenticated attack surface scans (black-box testing). A scanner that includes timing analysis can detect statistical differences in response times across requests, exposing whether the application uses constant-time checks. Without mitigations such as hmac.compare_digest, frameworks that do not enforce constant-time by default can inadvertently expose a vulnerability that is detectable through network-level timing measurements.

In the context of middleware or view logic, failing to isolate the signature verification from variable-time operations (such as string concatenation, database lookups whose timing depends on data, or conditional branches on secret-derived values) can amplify the leakage. For example, if the token is looked up in a database before verifying the HMAC, the database query time may correlate with the token’s properties and add additional observable timing variance. Therefore, the combination of Django views, HMAC-based tokens, and non-constant comparison is a classic scenario where timing attacks transition from theoretical to practical.

Use hmac.compare_digest to compare HMAC signatures in constant time. This function is designed to mitigate timing attacks by ensuring the comparison takes the same amount of time regardless of how many bytes match. In Django views or token verification utilities, replace any direct equality check on hex digests with hmac.compare_digest.

import hmac
import hashlib

def verify_token(token, received_signature, secret_key):
    expected_signature = hmac.new(
        secret_key.encode('utf-8'),
        msg=token.encode('utf-8'),
        digestmod=hashlib.sha256
    ).hexdigest()
    return hmac.compare_digest(expected_signature, received_signature)

When working with Django forms or API tokens, ensure the signature verification is performed before any branching based on the token’s content. Avoid mixing timing-variable operations (e.g., database queries, string formatting) with the comparison step unless they are necessary and also protected against timing leaks.

For HMAC-based authentication in Django REST Framework, wrap the verification in a utility that uses hmac.compare_digest and enforce that the comparison is the final step before accepting the token:

import hmac
import hashlib
from rest_framework import authentication, exceptions

def verify_hmac_signature(data, signature_header, secret):
    computed = hmac.new(
        secret.encode('utf-8'),
        msg=data.encode('utf-8'),
        digestmod=hashlib.sha256
    ).hexdigest()
    if not hmac.compare_digest(computed, signature_header):
        raise exceptions.AuthenticationFailed('Invalid signature')
    return True

class HMACAuthentication(authentication.BaseAuthentication):
    def authenticate(self, request):
        signature = request.META.get('HTTP_X_API_SIGNATURE')
        payload = request.body.decode('utf-8')
        secret = 'my-secret-key'  # should come from settings
        if not verify_hmac_signature(payload, signature, secret):
            return None
        return (payload, None)

Additionally, ensure the secret key is stored securely (e.g., using environment variables or a secrets manager) and rotated periodically. Avoid using weak or predictable keys, as the strength of HMAC depends on both the algorithm and the secrecy of the key. Combine constant-time comparison with other secure practices—such as using strong hash functions (SHA-256 or better), including a nonce or timestamp to prevent replay, and enforcing HTTPS—to reduce the overall attack surface.

In CI/CD or automated scanning contexts, tools like the middleBrick CLI can be used to verify that your endpoints do not exhibit timing anomalies by running unauthenticated scans. Incorporating the middleBrick GitHub Action can fail builds if security checks detect risky patterns, while the Web Dashboard helps track changes over time. For deeper integration, the MCP Server allows you to scan APIs directly from your AI coding assistant, ensuring HMAC implementations remain consistent with security best practices.