This repository has been archived by the owner on Oct 6, 2022. It is now read-only.

Patch for timeless timing attack vulnerability in user login #1

Open. Wants to merge 14 commits into base: master

Conversation

JensJI (Contributor)

@JensJI JensJI commented Aug 2, 2022

Timebox class

This new Timebox class makes a callable execute for at least the supplied amount of time.

This helps us guard against timing attacks at the application.

Timeless timing attacks

The authentication method is currently vulnerable to user enumeration via timeless timing attacks.
This is caused by the early return inside the hasValidCredentials method in the Illuminate\Auth\SessionGuard class.

If the user does not exist most of the code in that method will not be called and thus the execution time will be a tiny bit shorter.

With traditional timing attacks this would not be practical to utilize because of the large sample sizes needed, but timeless timing attacks, which use the HTTP/2 multiplexing protocol, can with high accuracy measure timing differences between two calls to a remote server of 20 microseconds with a sample size of only 6 request pairs.

This means that most throttling/max attempts/DoS attack protection etc. will not be triggered, and it is suddenly very practical to harvest existing emails for a site (user enumeration).

User enumeration is in itself a security problem for some sites (where users don't want others to know they are using that site), but in general user enumeration can be used in tandem with other attacks (e.g. brute-forcing passwords or using previously leaked passwords).

The patch

That is why the new Timebox class is also implemented inside the hasValidCredentials method in this PR.

A demo script that can be used to exploit the user enumeration can be found here.

The changes in this PR add a minimum execution time of 200ms for the hasValidCredentials method.
But if the credentials are correct the timebox will be escaped and the user would not have to wait.

So this change only affects users typing the wrong credentials.

This pull request is opened with permission from Taylor via e-mail.

A more in-depth explanation of timeless timing attacks can be found here.

@JensJI JensJI changed the title Added Timebox support class Patch for timeless timing attack vulnerability in user login Sep 9, 2022
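The mechanism the PR describes, as an added example that is not the PR's own code or Laravel's: a minimal Timebox that keeps a callable running for at least a given number of microseconds, plus a stand-in for the guarded credential check. The method names `call()` and `returnEarly()`, the `hasValidCredentials()` stand-in, and the constructed sample user are assumptions for illustration; the 200ms minimum is the value stated in the PR description.

```php
<?php
// Added example (not the PR's or Laravel's code): a minimal Timebox.
// The callable always runs; if it did not ask to return early, the box
// sleeps for whatever is left of the minimum duration before returning.
final class Timebox
{
    private bool $earlyReturn = false;

    /** Run $callback and pad its duration to at least $minimumMicroseconds. */
    public function call(callable $callback, int $minimumMicroseconds)
    {
        $start = hrtime(true);                       // monotonic, nanoseconds (PHP >= 7.3)

        $result = $callback($this);

        $elapsedMicroseconds = intdiv(hrtime(true) - $start, 1000);
        $remainder = $minimumMicroseconds - $elapsedMicroseconds;

        if (!$this->earlyReturn && $remainder > 0) {
            usleep($remainder);                      // pad only the non-early paths
        }

        return $result;
    }

    /** Called by the callable when the caller should not have to wait. */
    public function returnEarly(): void
    {
        $this->earlyReturn = true;
    }
}

/**
 * Stand-in for a guard's credential check (assumed shape, not Laravel's).
 * $user is null when no account matches the supplied identifier.
 * Both the "no such user" branch and the "wrong password" branch finish
 * inside the same 200ms box; only a correct password skips the wait.
 */
function hasValidCredentials(?array $user, string $password): bool
{
    return (new Timebox)->call(function (Timebox $timebox) use ($user, $password): bool {
        if ($user === null) {
            return false;                            // early return, but still timeboxed
        }

        $valid = password_verify($password, $user['password_hash']);

        if ($valid) {
            $timebox->returnEarly();                 // successful login is not delayed
        }

        return $valid;
    }, 200_000);                                     // 200ms, as in the PR description
}

// --- constructed demo data and a quick local measurement -------------------
$knownUser = ['email' => 'alice@example.test',      // constructed sample account
              'password_hash' => password_hash('correct horse', PASSWORD_BCRYPT)];

$cases = [
    'unknown user'   => [null, 'anything'],
    'wrong password' => [$knownUser, 'wrong'],
    'valid login'    => [$knownUser, 'correct horse'],
];

foreach ($cases as $label => [$user, $password]) {
    $t0 = hrtime(true);
    $ok = hasValidCredentials($user, $password);
    $ms = (hrtime(true) - $t0) / 1e6;
    printf("%-15s valid=%s  took %.1f ms\n", $label, $ok ? 'yes' : 'no', $ms);
}
```

Run locally, the two failing cases both take a little over 200ms while the valid login takes only as long as the bcrypt verify, which is what removes the "user exists or not" signal that the early return otherwise leaks. Two practical points when adopting this pattern: the minimum must comfortably exceed the slowest legitimate failure path (a bcrypt verify at a high cost factor, for instance), otherwise work that overruns the box is still measurable; and `usleep()` granularity is coarser than the microsecond differences the PR cites, so the padding needs to be long enough that scheduler jitter, not the code path, dominates the residual variance.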