About  Project Blog Resources

Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Timeless Timing Attacks- 583

Tom Van Goethem & Mathy VanhoefPosted 4 Years Ago
  • Timing attacks are used all over the place in order to implicitly figure out data. Timing attacks are common with cryptosystems to leak information about the key. A timing attack is a specific version of a side channel attack.
  • While on the web, this attack is significantly harder because of network jitter. The higher the jitter, the lower success of the timing attack. By moving closer to the target, adding more requests and a few other tricks, it is possible to statistically analyze the results to figure out the timing of some action. Can this be improved?
  • At this point, absolute response timing is inconsistent because of network jitter. Let's remove this! This can be done by exploiting concurrency to force all of the requests to have the same network jitter on the response.
  • Instead of viewing the response time we only care about the response order. In order to make this possible, requests need to meet the following requirements:
    1. Requests need to arrive at the same time
    2. The server needs to process the requests concurrently.
    3. The response order needs to reflect the difference in execution time.
  • For item #1, there are a few ways to do this. With HTTP/2 or HTTP/3, there is multiplexing that processes multiple packets at the same. With HTTP1, we can use network encapsulation with either Tor or VPN to achieve this.
  • For item #2 this is application dependent. For item #3, the ordering SHOULD be the same. But, it may require viewing the TCP ordering fields to validate. Both of these are doable tough.
  • This new technique blows the old way out of the water! The traditional attack depends on the location of the server and the amount of requests that can be made to only get a precision of 10ish microseconds at the best. The new technique allows precision of nano seconds, with 5 microseconds of precision within only 50 requests! Damn, this is a game changer.
  • The authors took this new knowledge and implemented it in a few places. They used it for a cross-site search attack on HackerOne and the WPA3 WiFi Protocol handshake for EAP-pwd. Exploitation of timing attacks just became more practical!

Maxwell DulinEmail me!TwitterGithubAdminBlog RSS FeedResources RSS Feed