Questions tagged [side-channel]

A side channel attack is an attack that deduces secret information from environmental observations such as timing or power consumption.

A side channel of a system is a way in which the system reveals information indirectly. Side channel attacks can allow attackers to obtain confidential information even when the stored or transmitted message itself is not leaked.

A common class of side channels is timing, where the duration of certain operations reveals information about the data that is being processed. For example, the number of elementary operations in an encryption algorithm may depend on the value of the key; the interval between network packets may be indicative of how much computation was required to generate the packet and thus of the content of the packet.

Other types of side channels include power consumption, electromagnetic radiation, noise, etc.

For questions about side channel attacks on cryptographic algorithms specifically, see also side-channel-attacks on our sister site about cryptography.

85 questions

4 votes, 2 answers

Change the function such that there are no more side-channels

Given is the function compareKey, which is part of a crackme (a binary file). Which side-channel attack can be used to find the right password (the password is made up of ASCII-coded upper- and lower-case letters from a-z, and decimals) and how can you design…

4 votes, 2 answers

Will patching a higher layer protect against the spectre/meltdown vulnerability in a lower layer?

The question I am about to ask is similar to the following question: Do I need to patch Linux for Meltdown/Spectre if the hypervisor has been patched, and I trust the guest? However, I would like to take the question a bit further or a bit deeper.…
John K. N.

4 votes, 1 answer

Side channel attack on SSD?

I know it is possible to obtain the key from some cryptographic schemes by using a side channel attack on a hard drive, such as noise and magnetic fields. I was wondering if it was possible to use a side channel attack on solid state drives? I have yet to…
user153882

3 votes, 1 answer

Do we have to take algorithm substitution attacks seriously?

Bruce Schneier's blog drew my attention to algorithm substitution attacks which may leak symmetric keys through IV or padding or other covert channels, encrypted with escrow keys. The major premise is that cryptolibraries (or HSMs, or encryption…
Deer Hunter

3 votes, 1 answer

Does this theoretical salted-hash-sleep scheme mitigate timing attacks?

This question is purely theoretical, I have no intention of ever implementing this scheme in practice. I'm familiar with the shortcomings of sleeping as means of mitigating timing attacks. I'm more interested in this from the attacker's…
PhilipRoman

3 votes, 1 answer

Cache side-channels: Prime & Probe attack

I am having trouble completely understanding the Prime & Probe attack. My current understanding is this: Priming phase: the attacker occupies all cache sets with attacker data. Probe phase: the attacker measures access time to figure out which set…
CryptoThomas

3 votes, 2 answers

What CPUs does the Spoiler attack affect?

I see on different websites different information about the Spoiler Attack. Some websites say all Intel CPUs are vulnerable and other websites say only Intel Core CPUs are vulnerable. Are Intel Xeon CPUs vulnerable?
user201255

3 votes, 1 answer

Does OpenSSH use padding of random lengths?

According to the end of RFC 4253 § 6, the random padding introduced to each SSH packet is an arbitrary multiple of 8. It mentions that random padding lengths can mitigate traffic analysis: Note that the length of the concatenation of…
forest

3 votes, 2 answers

How does the side channel actually access the contents of kernel memory in Meltdown?

In the Meltdown paper it mentions it can identify a kernel memory address being accessed. The part I don't understand is how the FLUSH+RELOAD channel works to identify what the contents of the memory address in the L1 cache lines are. How does it…
Dale

2 votes, 0 answers

OpenPGP smartcards compromised by Black Hat 2015 SIM card hack?

At this Black Hat, a new side-channel attack on the SIM-card AES encryption was announced. I am currently using the OpenPGP smart/SIM card version 2.1 to store my PGP private keys, which is the same model as the EFF membership card. Does this disclosure…
WhatIsName

2 votes, 0 answers

How to do side channel attack on smart cards?

Assume that I have a smart card and I want to do a differential power side channel attack on its mutual authentication mechanism. This is the mutual authentication mechanism that my card is using (let's assume that the authentication key is AuthKey and…
TheGoodUser

2 votes, 1 answer

Are servers that do not implement time services vulnerable to clock skew attacks?

An article describes clock skew attack possibilities: These can be attacked by repeatedly connecting to the hidden service, causing its CPU load, hence temperature, to increase and so change the clock skew. Then the attacker requests timestamps…
Pacerier

2 votes, 1 answer

Timeless timing attacks and response jitter

I've been researching timeless timing attacks, i.e. timing attacks using concurrency rather than round trip time. Here is an article by PortSwigger with links to the original article by Van Goethem. Basically it says that if you pack two requests…
wade king

2 votes, 0 answers

Compiler-induced information leaks/side-channels in cryptography implementations

In Cryptography Engineering Ferguson, Schneier and Kohno put a big emphasis on quality of code in order to prevent it from leaking information and from being vulnerable to memory corruption exploits. Re-implementing cryptography, especially when…
Albert Gomà

2 votes, 2 answers

Use delay with a fixed total time to defend against timing attacks

Consider this common example used to demonstrate timing attacks:

    async def sign_in(username, password):
        user = await get_user_from_db(username)
        if user is None:
            return False  # early return :(
        password_hash = slow_hash(password)
        return…