IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [timing-attack]

73 questions
11
votes
1 answer

Why does this cache attack work?

I was recently reading the following paper about doing a cache attack in Javascript: https://arxiv.org/pdf/1502.07373v2.pdf But I was confused by how it could work. In the paper, an 8 MB buffer was enough to have a high success rate for finding an…
sunny-lan
  • 251
  • 1
  • 6
10
votes
1 answer

Covert, Overt, and side channels

I am really confused between the following three terms: Overt Channel. Covert Channel. Side-Channel. I feel frustrated! I've been searching about them to find a clear explanation but I keep getting confused more. I REALLY apology if this question…
Steve
  • 135
  • 1
  • 1
  • 5
8
votes
2 answers

How to slow down program execution

I have a simple executable binary. It takes as input a user supplied string and compares it with a private string using strcmp. How can I slow down the execution of this program such that I can launch a statistical timing attack on the string…
robertkin
  • 277
  • 2
  • 6
8
votes
1 answer

Deanonymizing users by introducing structured delays to the network?

Here is a scheme for deanonymizing a user that I've been thinking about, just out of curiosity. I tried searching for it but didn't find much. Does this technique have a name? Are there any papers or articles on this? And is it known to be in…
jdm
  • 941
  • 9
  • 11
8
votes
4 answers

Simple defense against power analysis?

I would like to hear your opinions and how effective would my proposed defense is against power analysis. It is one of the nastiest side channel attacks because it's undetectable and passive, but assuming that your power strip can be trusted it…
Jensen68
  • 89
  • 2
7
votes
1 answer

PHP bin2hex vulnerable to timing attack?

I've read in a few places[1][2][3] of the desire to make PHP's bin2hex constant time. In what scenarios would bin2hex be vulnerable to a timing attack? Is this below code for handling a CSRF token vulnerable to a timing attack? // generate a CSRF…
Rob Olmos
  • 123
  • 6
7
votes
2 answers

Is it reasonable to prevent timing attacks by using fixed processing time

I have systems that perform cryptographic operations within a SSL/TLS tunnel. My concern is that I may leak timing information when encrypting, decrypting, or hashing. Part 1 Is it a good idea to have a fixed processing time (or increment thereof)…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
7
votes
2 answers

Can't explain data from side channel attack attempt

I found the comparison function below (slightly modified) from a crypto library I was using. I was curious about the potential vulnerability to side channel attacks. Specifically, the character comparison is only done if the character being compared…
Michael Mior
  • 401
  • 1
  • 3
  • 11
7
votes
1 answer

Is flushing of all caches on any context switch between mutually-distrusting processes the only way to prevent cache timing attacks?

This article demonstrates a devastating Javascript-based cache timing attack that allows for cross-VM tracking of mouse movements and other activities by web pages. Is the only way to prevent cache-based snooping for the kernel to (1) never run…
Demi
  • 769
  • 1
  • 4
  • 11
7
votes
2 answers

When can you not use strcmp?

I've read that one shouldn't use strncmp(userSuppliedPassword,origPassword,sizeOfArray) (or String.equals in Java) since one can use a timing attack to guess the password. Rather, one should use a secure string comparison function which will take…
time
  • 71
  • 2
6
votes
1 answer

Are there any working proof-of-concept string comparison timing attacks?

I've tried to reproduce a string comparison timing oracle in two languages (Java and Python), but I'm not seeing any correlation in the timing based on the input into the comparison. Are there any examples out there, or do you see an issue with my…
Alex Lauerman
  • 445
  • 4
  • 8
5
votes
2 answers

Are string comparson timing attacks practical over public networks

Related are-there-any-working-proof-of-concept-string-comparison-timing-attacks I was looking at doing some encryption and hashing in PHP and came across this note Please be careful when comparing hashes. In certain cases, information can be…
Jeremy French
  • 537
  • 5
  • 12
5
votes
2 answers

What "timing attacks" could websites perform using last modified dates of files?

https://developer.mozilla.org/en-US/docs/Web/API/File/lastModified describes the .lastModified property of a File object in JavaScript (usually created when a user selects a file via a HTML element; in-browser JavaScript served…
Mark Amery
  • 1,777
  • 2
  • 13
  • 19
4
votes
0 answers

What is the state of the art in internet timing attacks?

What is the shortest timing difference resolved by a timing attack demonstrated over the internet (not just a LAN)? This paper from 2009 suggests 15µs. By how much has that number improved?
Brian Hempel
  • 141
  • 4
4
votes
1 answer

Timing attacks in managed code

I have heard that running code in a managed language, e.g. Java in the JVM, is impossible to protect against timing attacks due to the JITing nature of most managed runtimes. In concept I can agree with this, but I would like to understand what the…
Anthony Kraft
  • 1,139
  • 1
  • 8
  • 18
1
2
3 4 5