diff --git a/src/authentication.js b/src/authentication.js
index 81e372e..2317268 100644
--- a/src/authentication.js
+++ b/src/authentication.js
@@ -1,11 +1,22 @@
 const { subtle } = require('node:crypto').webcrypto;
 const stringutils = require("./stringutils");
+const crypto = require('crypto');
 
 const sharedSecret = process.env.SHARED_SECRET;
 
 const authentication = {
 checkSharedSecret: (providedSecret) => {
- return sharedSecret === providedSecret;
+ const sharedSecretBuffer = Buffer.from(sharedSecret);
+ const providedSecretBuffer = Buffer.from(providedSecret);
+
+ const length = Math.max(sharedSecretBuffer.length, providedSecretBuffer.length);
+ const paddedSharedSecret = Buffer.alloc(length, 0);
+ const paddedProvidedSecret = Buffer.alloc(length, 0);
+
+ sharedSecretBuffer.copy(paddedSharedSecret);
+ providedSecretBuffer.copy(paddedProvidedSecret);
+
+ return crypto.timingSafeEqual(paddedSharedSecret, paddedProvidedSecret);
 },
 verifySignature : async (msg, sig, publicKeys) => {
 try {
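Review bot: The zero-padded timingSafeEqual at the end of checkSharedSecret makes `secret` and `secret\0` compare equal, because the shorter buffer is filled to the longer one's length with the same 0x00 bytes, and the comparison time still grows with the longer input, so a caller sending progressively longer values can learn the configured secret's length; hashing both sides to a fixed-length SHA-256 digest before timingSafeEqual removes both problems. Buffer.from(sharedSecret) also throws a TypeError when SHARED_SECRET is unset, and Buffer.from(providedSecret) throws on a non-string such as a number from a parsed JSON body, so the check should fail closed with an explicit type guard instead of surfacing an exception per request. If an empty SHARED_SECRET is not a valid deployment, rejecting `sharedSecret === ''` in that guard also stops an empty header from matching it. The new `require('crypto')` loads the module already imported as `node:crypto` on the first line under a second specifier; `timingSafeEqual` and `createHash` can be taken from that import to keep one module reference. The `authentication` object continues past the hunk (verifySignature is cut off); only checkSharedSecret is rewritten below.
```javascript
  checkSharedSecret: (providedSecret) => {
    // Fail closed: an unset SHARED_SECRET or a non-string input must never
    // authenticate, and Buffer.from() would throw on undefined/number anyway.
    if (typeof sharedSecret !== 'string' || typeof providedSecret !== 'string') {
      return false;
    }
    // Hashing both sides yields equal-length inputs for timingSafeEqual without
    // padding, so "secret\0" no longer matches "secret" and the comparison time
    // does not depend on either input's length.
    const expected = crypto.createHash('sha256').update(sharedSecret).digest();
    const actual = crypto.createHash('sha256').update(providedSecret).digest();
    return crypto.timingSafeEqual(expected, actual);
  },
  // … unchanged: verifySignature …
```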