Showing papers on "Timing attack published in 2017"

CacheBleed: a timing attack on OpenSSL constant-time RSA

Abstract: The scatter-gather technique is a commonly implemented approach to prevent cache-based timing attacks. In this paper we show that scatter-gather is not constant time. We implement a cache timing attack against the scatter-gather implementation used in the modular exponentiation routine in OpenSSL version 1.0.2f. Our attack exploits cache-bank conflicts on the Sandy Bridge microarchitecture. We have tested the attack on an Intel Xeon E5-2430 processor. For 4096-bit RSA our attack can fully recover the private key after observing 16,000 decryptions.

On Emerging Family of Elliptic Curves to Secure Internet of Things: ECC Comes of Age

Abstract: Lightweight Elliptic Curve Cryptography (ECC) is a critical component for constructing the security system of Internet of Things (IoT). In this paper, we define an emerging family of lightweight elliptic curves to meet the requirements on some resource-constrained devices. We present the design of a scalable, regular, and highly-optimized ECC library for both MICAz and Tmote Sky nodes, which supports both widely-used key exchange and signature schemes. Our parameterized implementation of elliptic curve group arithmetic supports pseudo-Mersenne prime fields at different security levels with two optimized-specific designs: the high-speed version (HS) and the memory-efficient (ME) version. The former design achieves record times for computation of cryptographic schemes at roughly $80\sim 128$ -bit security levels, while the latter implementation only requires half of the code size of the current best implementation. We also describe our efforts to evaluate the energy consumption and harden our library against some basic side-channel attacks, e.g., timing attacks and simple power analysis (SPA) attacks.

Decomposition instead of self-composition for proving the absence of timing channels

Abstract: We present a novel approach to proving the absence of timing channels. The idea is to partition the program's execution traces in such a way that each partition component is checked for timing attack resilience by a time complexity analysis and that per-component resilience implies the resilience of the whole program. We construct a partition by splitting the program traces at secret-independent branches. This ensures that any pair of traces with the same public input has a component containing both traces. Crucially, the per-component checks can be normal safety properties expressed in terms of a single execution. Our approach is thus in contrast to prior approaches, such as self-composition, that aim to reason about multiple (k≥ 2) executions at once. We formalize the above as an approach called quotient partitioning, generalized to any k-safety property, and prove it to be sound. A key feature of our approach is a demand-driven partitioning strategy that uses a regex-like notion called trails to identify sets of execution traces, particularly those influenced by tainted (or secret) data. We have applied our technique in a prototype implementation tool called Blazer, based on WALA, PPL, and the brics automaton library. We have proved timing-channel freedom of (or synthesized an attack specification for) 24 programs written in Java bytecode, including 6 classic examples from the literature and 6 examples extracted from the DARPA STAC challenge problems.

A Novel Side-Channel Timing Attack on GPUs

Abstract: To avoid information leakage during program execution, modern software implementations of cryptographic algorithms target constant timing complexity, ie, the number of instructions executed does not vary with different inputs However, many times the underlying microarchitecture behaves differently when processing varying data inputs, which covertly leaks confidential information through the timing channel In this paper, we exploit a novel fine-grained microarchitectural timing channel, stalls that occur due to bank conflicts in a GPU's shared memory Using this attack surface, we develop a differential timing attack that can compromise table-based cryptographic algorithms We implement our timing attack on an Nvidia Kepler K40 GPU, and successfully recover the complete 128-bit AES encryption key using 10 million samples We also evaluate the scalability of our attack method by attacking a 8192-thread implementation of the AES encryption algorithm, recovering some key bytes using 1 million samples

Practical Keystroke Timing Attacks in Sandboxed JavaScript

Abstract: Keystrokes trigger interrupts which can be detected through software side channels to reconstruct keystroke timings. Keystroke timing attacks use these side channels to infer typed words, passphrases, or create user fingerprints. While keystroke timing attacks are considered harmful, they typically require native code execution to exploit the side channels and, thus, may not be practical in many scenarios.

Implementing the NewHope-Simple Key Exchange on Low-Cost FPGAs

Abstract: Lattice-based cryptography is one of the most promising candidates being considered to replace current public-key systems in the era of quantum computing. In 2016 Alkim, Ducas, Poppelmann, and Schwabe proposed the lattice-based key exchange scheme NewHope. The scheme has gained some popularity in the research community as it is believed to withstand attacks by quantum computers with a comfortable security margin and provides decent efficiency and low communication cost. In this work, we evaluate the efficiency of NewHope on reconfigurable hardware. We provide the up to our knowledge first field-programmable gate array (FPGA) implementation of NewHope-Simple that is a slight modification of NewHope proposed by the authors themselves in 2016. NewHope-Simple is basically NewHope with different error correction mechanism. Our implementation of the client-side scheme requires 1,483 slices, 4,498 look-up tables (LUTs), and 4,635 flip-flops (FFs) on low-cost Xilinx Artix-7 FPGAs. The implementation of the server-side scheme takes 1,708 slices, 5,142 LUTs, and 4,452 FFs. Both cores use only two digital signal processors (DSPs) and four 18 Kb block memories (BRAMs). The implementation has a constant execution time to prevent timing attacks. The server-side operations take 1.4 ms and the client-side operations take 1.5 ms.

MemJam: A False Dependency Attack against Constant-Time Crypto Implementations

Abstract: Cache attacks exploit memory access patterns of cryptographic implementations. Constant-Time implementation techniques have become an indispensable tool in fighting cache timing attacks. These techniques engineer the memory accesses of cryptographic operations to follow a uniform key independent pattern. However, the constant-time behavior is dependent on the underlying architecture, which can be highly complex and often incorporates unpublished features. CacheBleed attack targets cache bank conflicts and thereby invalidates the assumption that microarchitectural side-channel adversaries can only observe memory with cache line granularity. In this work, we propose MemJam, a side-channel attack that exploits false dependency of memory read-after-write and provides a high quality intra cache level timing channel. As a proof of concept, we demonstrate the first key recovery attacks on a constant-time implementation of AES, and a SM4 implementation with cache protection in the current Intel Integrated Performance Primitives (Intel IPP) cryptographic library. Further, we demonstrate the first intra cache level timing attack on SGX by reproducing the AES key recovery results on an enclave that performs encryption using the aforementioned constant-time implementation of AES. Our results show that we can not only use this side channel to efficiently attack memory dependent cryptographic operations but also to bypass proposed protections. Compared to CacheBleed, which is limited to older processor generations, MemJam is the first intra cache level attack applicable to all major Intel processors including the latest generations that support the SGX extension.

Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks

Abstract: Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.

Flow Reconnaissance via Timing Attacks on SDN Switches

Abstract: When encountering a packet for which it has no matching forwarding rule, a software-defined networking (SDN) switch requests an appropriate rule from its controller; this request delays the routing of the flow until the controller responds. We show that this delay gives rise to a timing side channel in which an attacker can test for the recent occurrence of a target flow by judiciously probing the switch with forged flows and using the delays they encounter to discern whether covering rules were previously installed in the switch. We develop a Markov model of an SDN switch to permit the attacker to select the best probe (or probes) to infer whether a target flow has recently occurred. Our model captures practical challenges related to rule evictions to make room for other rules; rule timeouts due to inactivity; the presence of multiple rules that apply to overlapping sets of flows; and rule priorities. We show that our model enables detection of target flows with considerable accuracy in many cases.

Deterministic Browser

Abstract: Timing attacks have been a continuous threat to users' privacy in modern browsers. To mitigate such attacks, existing approaches, such as Tor Browser and Fermata, add jitters to the browser clock so that an attacker cannot accurately measure an event. However, such defenses only raise the bar for an attacker but do not fundamentally mitigate timing attacks, i.e., it just takes longer than previous to launch a timing attack. In this paper, we propose a novel approach, called deterministic browser, which can provably prevent timing attacks in modern browsers. Borrowing from Physics, we introduce several concepts, such as an observer and a reference frame. Specifically, a snippet of JavaScript, i.e., an observer in JavaScript reference frame, will always obtain the same, fixed timing information so that timing attacks are prevented; at contrast, a user, i.e., an oracle observer, will perceive the JavaScript differently and do not experience the performance slowdown. We have implemented a prototype called DeterFox and our evaluation shows that the prototype can defend against browser-related timing attacks.

A novel cache bank timing attack

Abstract: To avoid information leakage through execution, modern software implementations of cryptographic algorithms target constant timing complexity, i.e., the number of instructions does not vary with different inputs. However, often times, the underlying microarchitecture behaves differently under different data inputs, which covertly leaks confidential information through the timing channel. Cache timing channel due to cache miss penalties has been explored in recent years to break system security. In this paper, we exploit a finer-grained L1 cache bank timing channel, the stalling delay due to cache bank conflicts, and develop a new timing attack against table lookup-based cryptographic algorithms. We implement the timing attack with three different methods on Sandy Bridge micro-architecture, and successfully recover the complete 128-bit AES encryption key. The most effective attack can achieve 50% success rate using 75,000 samples and 100% success rate using 200,000 samples. The whole attack process from collecting samples to recoverying all key bytes takes less than 3 minutes. We anticipate the new timing attack to be a threat to various platforms, including ARM-based smart phones and performance-critical accelerators like GPUs.

Deterministic Browser

Abstract: Timing attacks have been a continuous threat to users' privacy in modern browsers To mitigate such attacks, existing approaches, such as Tor Browser and Fermata, add jitters to the browser clock so that an attacker cannot accurately measure an event However, such defenses only raise the bar for an attacker but do not fundamentally mitigate timing attacks, ie, it just takes longer than previous to launch a timing attack In this paper, we propose a novel approach, called deterministic browser, which can provably prevent timing attacks in modern browsers Borrowing from Physics, we introduce several concepts, such as an observer and a reference frame Specifically, a snippet of JavaScript, ie, an observer in JavaScript reference frame, will always obtain the same, fixed timing information so that timing attacks are prevented; at contrast, a user, ie, an oracle observer, will perceive the JavaScript differently and do not experience the performance slowdown We have implemented a prototype called DeterFox and our evaluation shows that the prototype can defend against browser-related timing attacks

High-Performance Noninvasive Side-Channel Attack Resistant ECC Coprocessor for GF(2m )

Abstract: Elliptic curve cryptography (ECC) is one of the most popular public key cryptosystems in recent years due to its higher security strength and lower resource consumption. However, the noninvasive side-channel attacks (SCAs) have been proved to be a big threat to ECC systems in many previous researches. In this paper, we propose a low-area-time-product ECC coprocessor for GF(2 m ) with the ability to resist most of the existing noninvasive SCAs. The basic countermeasures are relied on the underlying finite field arithmetics in randomized Montgomery domain, which can blind the intermediate value in the iterations of scalar multiplication to prevent the adversaries from cracking the private key by statistical methods. Meanwhile, we optimize the modular division and modular multiplication algorithms to fix the operating time to resist some certain timing attacks, and the Montgomery Ladder algorithm makes the coprocessor immune against simple SCAs. To efficiently implement our coprocessor, we present a hybrid operation sequence which merely needs one multiplication module and one division module to complete the entire operations. The synthesis results indicate that our design is superior to other related works in area-time product (ATP) and the extra overhead paid for the countermeasures is less than 5%.

KeyDrown: Eliminating Keystroke Timing Side-Channel Attacks

Abstract: Besides cryptographic secrets, side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences. Previously proposed countermeasures fail to prevent keystroke timing attacks as they do not protect keystroke processing among the entire software stack. We close this gap with KeyDrown, a new defense mechanism against keystroke timing attacks. KeyDrown injects a large number of fake keystrokes in the kernel to prevent interrupt-based attacks and Prime+Probe attacks on the kernel. All keystrokes, including fake keystrokes, are carefully propagated through the shared library in order to hide any cache activity and thus to prevent Flush+Reload attacks. Finally, we provide additional protection against Prime+Probe for password input in user space programs. We show that attackers cannot distinguish fake keystrokes from real keystrokes anymore and we evaluate KeyDrown on a commodity notebook as well as on two Android smartphones. We show that KeyDrown eliminates any advantage an attacker can gain from using interrupt or cache side-channel information.

PRESENT Runs Fast

Abstract: The PRESENT block cipher was one of the first hardware-oriented proposals for implementation in extremely resource-constrained environments. Its design is based on 4-bit S-boxes and a 64-bit permutation, a far from optimal choice to achieve good performance in software. As a result, most software implementations require large lookup tables in order to meet efficiency goals. In this paper, we describe a new portable and efficient software implementation of PRESENT, fully protected against timing attacks. Our implementation uses a novel decomposition of the permutation layer, and bitsliced computation of the S-boxes using optimized Boolean formulas, not requiring lookup tables. The implementations are evaluated in embedded ARM CPUs ranging from microcontrollers to full-featured processors equipped with vector instructions. Timings for our software implementation show a significant performance improvement compared to the numbers from the FELICS benchmarking framework. In particular, encrypting 128 bits using CTR mode takes about 2100 cycles on a Cortex-M3, improving on the best Assembly implementation in FELICS by a factor of 8. Additionally, we present the fastest masked implementation of PRESENT for protection against timing and other side-channel attacks in the scenario we consider, improving on related work by 15%. Hence, we conclude that PRESENT can be remarkably efficient in software if implemented with our techniques, and even compete with a software implementation of AES in terms of latency while offering a much smaller code footprint.

Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures

Abstract: Cloud computing is based on the sharing of physical resources among several virtual machines through a virtualization layer providing software isolation. Despite advances in virtualization, data security and isolation guarantees remain important challenges for cloud providers. Some of the most prominent isolation violations come from side-channel attacks that aim at exploiting and using a leaky channel to obtain sensitive data such as encryption keys. Such channels may be created by vulnerable implementations of cryptographic algorithms, exploiting weaknesses of processor architectures or of resource sharing in the virtualization layer. In this paper, we provide a comprehensive survey of side-channel attacks (SCA) and mitigation techniques for virtualized environments, focusing on cache-based attacks. We review isolation challenges, attack classes and techniques. We also provide a layer-based taxonomy of applicable countermeasures , from the hardware to the application level, with an assessment of their effectiveness.

A continuum of undetectable timing-attacks on PMU-based linear state-estimation

Abstract: Recent innovations in protection and control applications for power systems require the use of Phasor Measurement Unit (PMU) measurements. PMUs rely on precise time synchronization and have been shown to be vulnerable to time synchronization attacks. In this paper, we explore time synchronization attacks against PMU measurements that are undetectable by state-of-the-art Bad-Data Detection (BDD) algorithms, used for Linear State-Estimation (LSE). We show that compromising three or more PMUs enables an attacker to create a continuum of undetectable attacks, and based on geometric arguments we provide a closed form expression for computing the attacks. Furthermore, we provide an algorithm for identifying PMU measurements that are vulnerable to the considered attacks. We use simulations on the IEEE 39-Bus benchmark power system to show that attacks can have a significant impact in terms of power flow mis-estimation that could lead to the violation of ampacity limits in transmission lines.

SPARX — A side-channel protected processor for ARX-based cryptography

Abstract: ARX-based cryptographic algorithms are composed of only three elemental operations — addition, rotation and exclusive or — which are mixed to ensure adequate confusion and diffusion properties. While ARX-ciphers can easily be protected against timing attacks, special measures like masking have to be taken in order to prevent power and electromagnetic analysis. In this paper we present a processor architecture for ARX-based cryptography, that intrinsically guarantees first-order SCA resistance of any implemented algorithm. This is achieved by protecting the complete data path using a Boolean masking scheme with three shares. We evaluate our security claims by mapping an ARX-algorithm to the proposed architecture and using the common leakage detection methodology based on Student's i-test to certify the side-channel resistance of our processor.

A Reconfigurable High-Speed ECC Processor Over NIST Primes

Abstract: Elliptic curve cryptography (ECC) is widely used in the field of cyber security such as TLS protocol. Compared with symmetric cryptography, the computation of ECC is much slower. In this paper, a reconfigurable high-speed processor supporting all currently used NIST primes on FPGA platform is constructed. The modular addition and substraction is eliminated in our design by applying lazy reduction strategy. Throughput of modular multiplication is improved significantly with Karatsuba algorithm and compact pipeline schedule. The latency of modular inverse is tactfully avoided by pipeline coverage at the level of scalar multiplication. Furthermore, Montgomery-ladder algorithm and base-point randomization is applied to resist side-channel and timing attacks. Most of these techniques can also be used in software designs. Compared with previous works, our FPGA design outperforms times of others in term of scalar multiplication performance, while the hardware cost remains moderate, which makes it suitable for computation-intensive applications.

Fault Attack on an Improved CRT-RSA Algorithm with the Modulus Chaining Method

Abstract: S. Lee, D. Choi and Y. Choi proposed an improved countermeasure algorithm of RSA cryptosystem with Chinese Remainder Theorem to prevent fault attack. In this paper, we introduce new fault attacks on their countermeasure algorithm. Our analysis shows that the attacker can obtain an erroneous signature by injecting some faults during the RSA signing computation. Thus the attacker can recover the RSA private key and their countermeasure algorithm cannot resist the fault attack.

Timing attack analysis on AES on modern processors

Abstract: In recent years, academic focus on side chan-nel analysis has increased due to their effectiveness in leaking information from secure systems. Advanced Encryption Standard or Rinjdael has been the object of scrutiny ever since its inception as a federal standard. Presently, it is one of the most widely used encryption algorithms in the world and has withstood the various efforts to crypt-analyze it. With academic focus on time leaking code implementations increasing in the 90s, and successful crypt-analysis of many algorithms due to side channel data leakage and the fact that improper software implementations can leak information has brought focus on side channel analysis of AES. We shall try and implement the cache timing attack on a modern server and modern implementations and observe the results firsthand. In this paper, the authors try and implement cache timing attack on various AES implementations over modern processors. The practical importance of mounting an attack over a non-idealized system and analyzing these real world results can be considered the primary objectives of this paper.

Cache timing attacks on recent microarchitectures

Abstract: Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack results in full key recovery. Compared to earlier processor generations, the attacks are more involved, but still of practical complexity, requiring between 219 and 221 encryptions. For the last two processors, the cache slice selection algorithm (CSSA) was not known before and had to be reverse engineered as part of this work. This is the first time CSSAs for the Skylake architecture are reported. Our attacks demonstrate that cryptographic applications in cloud computing environments using key-dependent tables for acceleration are still vulnerable even on recent architectures, including Skylake. Our reverse engineering of the CSSAs of these processors will also be beneficial for developers in many other contexts, for instance for implementing page colouring in modern operating systems.

Analysis of coherent quantum cryptography protocol vulnerability to an active beam-splitting attack

Abstract: We consider a new type of attack on a coherent quantum key distribution protocol [coherent one-way (COW) protocol]. The main idea of the attack consists in measuring individually the intercepted states and sending the rest of them unchanged. We have calculated the optimum values of the attack parameters for an arbitrary length of a communication channel and compared this novel attack with a standard beam-splitting attack.

Local Cyber-physical Attack with Leveraging Detection in Smart Grid

Abstract: A well-designed attack in the power system can cause an initial failure and then results in large-scale cascade failure. Several works have discussed power system attack through false data injection, line-maintaining attack, and line-removing attack. However, the existing methods need to continuously attack the system for a long time, and, unfortunately, the performance cannot be guaranteed if the system states vary. To overcome this issue, we consider a new type of attack strategy called combinational attack which masks a line-outage at one position but misleads the control center on line outage at another position. Therefore, the topology information in the control center is interfered by our attack. We also offer a procedure of selecting the vulnerable lines of its kind. The proposed method can effectively and continuously deceive the control center in identifying the actual position of line-outage. The system under attack will be exposed to increasing risks as the attack continuously. Simulation results validate the efficiency of the proposed attack strategy.

Forensic Identification of Anonymous Sources in OneSwarm

Abstract: OneSwarm is a p2p system for anonymous file sharing. We quantify the system’s vulnerability to three attacks that identify the sources of files. First, we detail and prove that a timing attack allows a single attacker to investigate all its neighbors for possession of specific files. We prove the attack is possible due to OneSwarm’s design and is unthwarted by changes made to OneSwarm since we released our attack. Second, we show that OneSwarm is much more vulnerable to a collusion attack than previously reported, and we quantify the attack’s success given a file’s popularity, a factor not evaluated earlier. Third, we present a novel application of a known TCP-based attack. It allows a single attacker to identify whether a neighbor is the source of data or a proxy for it. Each of these attacks can be repeated as attackers quit and rejoin the network. We present these attacks in the context of forensics and the investigation of child pornography. We show that our attacks meet the higher standards required of law enforcement for criminal investigations.

Breaking VM isolation: An in-depth look into the cross flush reload cache timing attack

Abstract: Cloud computing has led to a lot of improvements in the way we manage our IT infrastructure, but this convenience has led to new security challenges. In this paper, we recreate a cross Virtual Machine Flush+Reload cache timing attack and document our attack methodology in depth. Cache timing attacks are highly technical, and executing them in a virtualized environment makes them more complex. We have not come across any literature that documents these attacks adequately, and so this paper aims to deliver detailed insight into the entire lifecycle of these types of attacks. Our attack methodology dissects the life cycle of a side channel attack in a virtualized environment from beginning to end. We present an in-depth analysis of the environment, the attack setup, the attack execution, and how these attacks can be used to gather and analyse results. This research will shed some valuable insight into what is a very technical and complex topic. By documenting our attack environment and methodology we hope to help new researchers in this field gain a foothold in a research topic that has recently gained popularity and may be difficult to enter. Finally, we examine how meaningful results are collected and analysed by the attacker. We believe this insight will also be valuable for cloud administrators and developers, and that they may use their understanding of the attack lifecycle and result analysis tools to mitigate and disrupt attack attempts.

A fake timing attack against behavioural tests used in embedded IoT M2M communications

Abstract: Interconnected embedded machines in the Internet of Things (IoT) play a key role for collecting and managing data from the real environment. These machines adopt Machine-to-Machine (M2M) networks in order to exchange information. Securing this information is therefore essential. However, these machines have reduced capabilities giving the opportunity to be easily compromised. IoT trust agents in embedded machines can use timing-based behavioural tests in order to trust each other. However, attackers can use powerful systems to subvert the network by launching a fake timing attack. This attack consists of mimicking the timing behaviours of real embedded machines. In this work, we present a detection algorithm for detecting this attack and also detecting forged embedded machines based on virtual and emulated systems. This will allow IoT embedded machines to create trusted M2M communications.

The Time Will Tell on You: Exploring Information Leaks in SSH Public Key Authentication

Abstract: SSH client public key authentication method is one of the most used public key client authentication methods. Despite its popularity, the precise protocol is not very well known, and even advanced users may have misconceptions of its functionality. We describe the SSH public key authentication protocol, and identify potential weak points for client privacy. We further review parts of the OpenSSH implementation of the protocol, and identify possible timing attack information leaks. To evaluate the severity of these leaks we built a modified SSH-library that can be used to query the authentication method with arbitary public key blobs and measure the response time. We then use the resulting query timing differences to enumerate valid users and their key types. Furthermore, to advance the knowledge on remote timing attacks, we study the timing signal exploitability over a Tor Hidden Service (HS) connection and present filtering methods that make the attack twice as effective in the HS setting.