Opportunities and Limits of Remote Timing Attacks - PowerPoint PPT Presentation

1 / 25
About This Presentation
Title:

Opportunities and Limits of Remote Timing Attacks

Description:

Remote timing attacks over LAN. Can measure a fraction of a microsecond. Results. On a LAN, can measure as a few hundred clock cycles of a remote system ... – PowerPoint PPT presentation

Number of Views:20
Avg rating:3.0/5.0
Slides: 26
Provided by: scro3
Category:

less

Transcript and Presenter's Notes

Title: Opportunities and Limits of Remote Timing Attacks


1
Opportunities and Limits of Remote Timing Attacks
  • Scott A Crosby

2
Introduction
  • Systems arent mathematical
  • They can leak secrets
  • Errors
  • Power usage
  • Response time
  • New attack opportunity

3
Remote timing attacks
  • Processing time can vary
  • RSA exponentiation
  • strcmp()
  • Hash tables
  • What processing times can be measured remotely?
  • Results on WAN and LAN environments
  • When are attacks possible or impossible?

4
Example strcmp()
  • Graph of strcmp time as a function of common
    prefix length TODO

5
Measurement over a network
Latency
Processing Time
Response Time
Latency
6
Measurement the difference
Care about processing time difference despite
jitter.
10ms J
X µs
X-Y µs J
Y µs
10ms J
How well can attacker get X vs.Y despite J ?
7
Differences with standard jitter
  • Not a realtime system
  • Dont care about response time
  • Care about processing time
  • Collect many measurements
  • Filter out noise

8
Test Program
  • Central server
  • Pingpong protocol
  • Server receives ping, waits, replies
  • Use CPU cycle counter for nanosecond precision.
  • Measured 50 different processing time values from
    100ns to 65ms.

9
WAN Tests
  • For each of 75 Planetlab hosts
  • For each of 50 processing times
  • 80,000 measurements
  • 133 million measurements total

10
LAN Tests
  • For each of 8 hosts on Rice LAN
  • For each of 50 processing times
  • 27,000 samples

11
Scoring Filters
  • F(Resps) Proc delay error
  • Least Squares linear
  • Peak finder
  • Percentile
  • Average range

12
LAN Raw data
13
WAN Raw Data
14
LAN detrend data
15
WAN detrend data
16
LAN overall
17
WAN overall
18
Attempt to attack
  • Try to perform an attack on a host pair
  • For two different processing times
  • Choose random subset
  • See how well we can discriminate
  • Repeat 200 times
  • Choose point where were correct 95
  • Histogram the results

19
WAN discrimination histogram
20
WAN overall discrimination
21
LAN overall discrimination
22
Summary of Results
  • Can detect and perhaps exploit
  • lt100 ns over a LAN
  • 10 µs over a WAN
  • Example processing times
  • strcmp() 1000 bytes 5 µs

23
Conclusion
  • Remote timing attacks over WAN
  • May be more difficult than you think
  • Remote timing attacks over LAN
  • Can measure a fraction of a microsecond

24
Results
  • On a LAN, can measure as a few hundred clock
    cycles of a remote system
  • On a WAN, can measure a few thousand clock cycles
    of a remote system
  • Attacker might do better

25
Measurement over a network
10ms
X µs
20ms X µs
10ms
Write a Comment
User Comments (0)
About PowerShow.com