timing attack

Laravel Tech Community

May 9, 2021 · Backend Development

hash_equals() – Constant‑Time String Comparison to Prevent Timing Attacks

The article explains PHP's hash_equals() function, which performs a constant‑time comparison of two strings to mitigate timing attacks, describes its parameters and return value, and provides example code demonstrating correct and incorrect usage with crypt() hashes.