2

An article describes clock skew attack possibilities §§:

These can be attacked by repeatedly connecting to the hidden service, causing its CPU load, hence temperature, to increase and so change the clockskew. Then the attacker requests timestamps from all candidate servers and finds the one demonstrating the expected clockskew pattern.

If a server does not use time synchronization services like NTP etc, is it still vulnerable to clockskew attacks?

To be clear, the server only has a local clock and time is kept up-to-date by an administrator manually updating the system clock at random times, as and when it's needed.

Pacerier
  • 3,253
  • 6
  • 34
  • 61

1 Answers1

1

Yes, because they are not referring to the "RTC clock" only when they refer to "clockskew".

The clocks they mention are the Crystals that "clock" the logic. so the CPU,clock. the Memory clock, the network clock, etc.

the RTC is the only clock that really gets influenced by an NTP service.

LvB
  • 8,217
  • 1
  • 26
  • 43
  • 1
    But why do they say "One such attack is to observe timestamps from a PC connected to the Internet and watch how the frequency of the **system clock** changes.". It seems to be talking about timestamps. – Pacerier Dec 23 '14 at 14:57
  • 1
    system clock, e.a. the main bus clock influences the "time stamping process". (on most systems. the RTC is only used when the system is not powered on. when powered on the main processor increments a "teller" each clock cycle.) so. influencing the speed of the "bus clock" (the crystals) can reveal information through the time stamping processes. so, the clock being influenced and observed is the System clock. and the method of observing is through the timestamps. – LvB Dec 29 '14 at 09:32
  • Such coincidence, I found an article that supports your answer https://www.imperialviolet.org/2006/09/05/cpu-clock-skew-sidechannels.html – Pacerier Dec 30 '14 at 19:43