.SH CAVEATS
Do not use
.BR memcmp ()
-to compare security critical data, such as cryptographic secrets,
-because the required CPU time depends on the number of equal bytes.
-Instead, a function that performs comparisons in constant time is required.
+to compare confidential data,
+such as cryptographic secrets,
+because the CPU time required for the comparison
+depends on the contents of the addresses compared,
+this function is subject to timing-based side-channel attacks.
+In such cases,
+a function that performs comparisons in deterministic time,
+depending only on
+.I n
+(the quantity of bytes compared)
+is required.
Some operating systems provide such a function (e.g., NetBSD's
.BR consttime_memequal ()),
but no such function is specified in POSIX.