Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Introduction to Side-Channel Attacks- 244

Soatok, posted 5 years ago
  • A side-channel can be a game-over vulnerability when confidentiality matters. The classic illustration: if a nuke is about to be launched from Washington D.C., pizza deliveries in D.C. spike because more people are working late into the night. The pizzas are not the secret itself, but an observable consequence of it, and that indirect leak is the side-channel.
  • The most common side-channel in software is the timing attack: how long an operation takes depends on secret data, and the attacker measures that duration. Typical sources are:
    • Early-exit (fail-fast) comparison functions, such as a memcmp-style check that returns at the first mismatching byte
    • Cache-timing leaks, where secret-dependent addresses hit or miss the CPU cache
    • Secret-dependent memory access patterns and branches
  • Another common leak, which requires physical access, is power consumption. Different operations draw different amounts of energy, so if the attacker knows which algorithm is running, a power trace reveals which operations were performed and therefore which secret-dependent choices were made.
  • A related side-channel is electromagnetic emission. A computer radiates a great deal of electromagnetic noise, including radio waves, and some of it correlates with the data being processed.
  • How are these attacks prevented? For timing, the answer is constant-time code: code whose running time, branches and memory access pattern do not depend on secret inputs (it may still vary with public inputs such as message length). The article goes VERY deep into writing proper constant-time code; constant-time arithmetic is not as simple as it seems.
  • Protecting against power analysis is much harder and in practice often amounts to obfuscation rather than real security, for example inserting random dummy operations at random intervals so that no single trace lines up cleanly. A more principled approach is to pick algorithms whose sequence of operations does not depend on the secret: BearSSL, for example, uses Montgomery multiplication in a constant-time exponentiation rather than a naive square-and-multiply, whose extra multiplication on every set key bit leaks the key.
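The two timing leaks in these notes, an early-exit comparison and a square-and-multiply exponentiation, next to their constant-time counterparts. This is an added example written for this page, not code from Soatok's article or from BearSSL. Rather than timing anything (which is noisy on a laptop), it counts the number of secret-dependent operations each routine performs, which is exactly what a timing or power attacker observes indirectly. The sample tag bytes, the modulus and the exponents are constructed for the demo; the 32-bit exponent width is a toy size, not a real key length.

```c
/* Added example: data-dependent vs. constant-time operation counts.
 * Compile: cc -O0 -o sidechan sidechan.c && ./sidechan */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample data: a correct 8-byte tag and two wrong guesses. */
const uint8_t SAMPLE_TAG[8]         = {0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04};
const uint8_t SAMPLE_GUESS_FIRST[8] = {0x00, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04}; /* wrong at byte 0 */
const uint8_t SAMPLE_GUESS_LAST[8]  = {0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x00}; /* wrong at byte 7 */

/* Early-exit comparison, as a naive memcmp-style check does: returns on the
 * first mismatching byte. *steps receives how many bytes were examined, which
 * leaks the position of the first wrong byte of a guessed MAC or token and lets
 * an attacker recover it one byte at a time. */
int early_exit_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i])          /* secret-dependent early return */
            return 0;
    }
    return 1;
}

/* Constant-time comparison: touches all n bytes, ORs together the XOR of every
 * pair, and never branches on the data. Returns 1 if equal, 0 otherwise;
 * *steps is always n. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= a[i] ^ b[i];
    *steps = n;
    /* Branch-free collapse of acc to 0/1: acc - 1 underflows to all-ones
     * exactly when acc == 0, so the top bit is 1 only for a match. */
    return (int)(((uint32_t)acc - 1u) >> 31);
}

#define EXP_BITS 32  /* toy exponent width; real keys are far longer */

/* Modular multiplication on 32-bit operands (mod must be < 2^32). */
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t m)
{
    return (uint32_t)(((uint64_t)a * b) % m);
}

/* Left-to-right square-and-multiply over a fixed exponent width. The extra
 * multiply on each set bit means *mults = EXP_BITS + popcount(exp): the amount
 * of work (and so time and power) is a function of the secret exponent. */
uint32_t square_and_multiply(uint32_t base, uint32_t exp, uint32_t mod, unsigned *mults)
{
    uint32_t r = 1 % mod;
    *mults = 0;
    for (int i = EXP_BITS - 1; i >= 0; i--) {
        r = mulmod(r, r, mod); (*mults)++;
        if ((exp >> i) & 1u) {              /* secret-dependent branch */
            r = mulmod(r, base, mod); (*mults)++;
        }
    }
    return r;
}

/* Montgomery ladder: exactly two multiplications per bit whatever the bit's
 * value, so *mults is always 2 * EXP_BITS. Invariant: r1 == r0 * base.
 * A production implementation would also select r0/r1 with masks instead of
 * the if/else, and use constant-time multiplication; the ladder removes the
 * operation-count leak, not every leak. */
uint32_t montgomery_ladder(uint32_t base, uint32_t exp, uint32_t mod, unsigned *mults)
{
    uint32_t r0 = 1 % mod, r1 = base % mod;
    *mults = 0;
    for (int i = EXP_BITS - 1; i >= 0; i--) {
        if ((exp >> i) & 1u) {
            r0 = mulmod(r0, r1, mod);
            r1 = mulmod(r1, r1, mod);
        } else {
            r1 = mulmod(r0, r1, mod);
            r0 = mulmod(r0, r0, mod);
        }
        *mults += 2;
    }
    return r0;
}

int main(void)
{
    size_t s_first, s_last, c_first, c_last;
    early_exit_equal(SAMPLE_TAG, SAMPLE_GUESS_FIRST, 8, &s_first);
    early_exit_equal(SAMPLE_TAG, SAMPLE_GUESS_LAST, 8, &s_last);
    ct_equal(SAMPLE_TAG, SAMPLE_GUESS_FIRST, 8, &c_first);
    ct_equal(SAMPLE_TAG, SAMPLE_GUESS_LAST, 8, &c_last);
    printf("early-exit steps:    %zu vs %zu  (leaks mismatch position)\n", s_first, s_last);
    printf("constant-time steps: %zu vs %zu\n", c_first, c_last);

    unsigned sm_sparse, sm_dense, ml_sparse, ml_dense;
    const uint32_t mod = 1000003u;                       /* constructed prime modulus */
    square_and_multiply(7, 0x80000000u, mod, &sm_sparse); /* exponent with 1 set bit  */
    square_and_multiply(7, 0xFFFFFFFFu, mod, &sm_dense);  /* exponent with 32 set bits */
    montgomery_ladder(7, 0x80000000u, mod, &ml_sparse);
    montgomery_ladder(7, 0xFFFFFFFFu, mod, &ml_dense);
    printf("square-and-multiply mults: %u vs %u  (leaks Hamming weight of exponent)\n", sm_sparse, sm_dense);
    printf("Montgomery ladder mults:   %u vs %u\n", ml_sparse, ml_dense);
    return 0;
}
```

Counting operations is a useful first check, but it is not a proof of constant time: the compiler may reintroduce branches, and cache effects or variable-latency multipliers on some CPUs can leak even when the operation count is fixed. Validate real code with a tool such as dudect or ctgrind-style taint checking rather than by inspection.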