Then, they base the analysis on the order in which the responses are received back, which ignores the random timing delay introduced by the network. The first request targets the program under analysis and the second executes baseline program with a known execution time. Their approach binds 2 requests together such that both requests arrive at the exact same time. The concurrency approach innovated by the authors is unaffected by the differences in network requests. In remote timing attacks, measuring the execution time of a program running on a remote server is largely impacted by the unpredictable differences between two similar network requests. In a typical timing attack, the adversary obtains a series of sequential measurements and then performs a statistical analysis in an attempt to infer the actual execution time for varying inputs. We describe how these timing attacks can be successfully deployed against HTTP/2 webservers, Tor onion services, and EAP-pwd, a popular Wi-Fi authentication method. We show how these attacks result in a 100-fold improvement over typical timing attacks performed over the Internet, and can accurately detect timing differences as small as 100ns, similar to attacks launched on a local system. These concurrency-based timing attacks infer a relative timing difference by analyzing the order in which responses are returned, and thus do not rely on any absolute timing information. We introduce a conceptually novel type of timing attack that leverages the coalescing of packets by network protocols and concurrent handling of requests by applications. In remote timing attacks, a significant source of jitter is the network path between the adversary and the targeted server, making it practically infeasible to successfully exploit timing side-channels that exhibit only a small difference in execution time. The number of measurements that must be obtained largely depends on the amount of jitter that the requests and responses are subjected to. To perform successful remote timing attacks, an adversary typically collects a series of network timing measurements and subsequently performs statistical analysis to reveal a difference in execution time. Author List: Tom Van Goethem and Christina Popper and Wouter Joosen and Mathy Vanhoef.Paper Name: Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections.
0 Comments
Leave a Reply. |