Do not use
.BR memcmp ()
to compare security critical data, such as cryptographic secrets,
-because the required CPU time depends on the amount of equal bytes.
+because the required CPU time depends on the number of equal bytes.
+Instead, a function that performs comparisons in constant time is required.
+Some operating systems provide such a function (e.g., NetBSD's
+.BR consttime_memequal ()),
+but no such function is specified in POSIX.
+On Linux, it may be necessary to implement such a function oneself.
.SH SEE ALSO
.BR bcmp (3),
.BR strcasecmp (3),
.BR strncmp (3),
.BR wmemcmp (3)
.SH COLOPHON
-This page is part of release 3.76 of the Linux
+This page is part of release 3.79 of the Linux
.I man-pages
project.
A description of the project,