scispace - formally typeset

Timing attack

About: Timing attack is a research topic. Over its lifetime, 726 publications have been published within this topic, receiving 25462 citations.


Papers
Book Chapter (DOI)
11 Apr 2015
TL;DR: It is deduced from a previous decidability result for length equivalence that time trace equivalence is decidable for bounded processes and the standard cryptographic primitives, and actually, considering timing attacks does not add any complexity.
Abstract: We propose a framework for timing attacks, based on a variant of the applied-pi calculus. Since many privacy properties, as well as strong secrecy and game-based security properties, are stated as process equivalences, we focus on time trace equivalence. We show that actually, considering timing attacks does not add any complexity: time trace equivalence can be reduced to length trace equivalence, where the attacker no longer has access to execution times but can still compare the length of messages. We therefore deduce from a previous decidability result for length equivalence that time trace equivalence is decidable for bounded processes and the standard cryptographic primitives. As an application, we study several protocols that aim for privacy. In particular, we automatically detect an existing timing attack against the biometric passport and new timing attacks against the Private Authentication protocol.

19 citations

DOI
01 Jan 2015
TL;DR: An overview of the problem space with respect to BAS is presented, and it is suggested that state-aware machine learning techniques could be used to discover threats that consist of a collection of individually legitimate commands.
Abstract: Building Automation Systems (BAS), alternatively known as Building Management Systems (BMS), which centralise the management of building services, are often connected to corporate networks and are routinely accessed remotely for operational management and emergency purposes. The protocols used in BAS, in particular BACnet, were not designed with security as a primary requirement, so the majority of systems operate with sub-standard or non-existent security implementations. Since intrusion is therefore likely to be easy, intrusion detection systems should be put in place to ensure that intrusions can be detected and mitigated. Existing intrusion detection systems typically deal only with known threats (signature-based approaches) or suffer from a high false positive rate (anomaly-based approaches). In this paper we present an overview of the problem space with respect to BAS, and suggest that state-aware machine learning techniques could be used to discover threats that consist of a collection of individually legitimate commands. We provide a first step showing that the concept can be used to detect an attack in which legitimate write commands sent in rapid succession may cause system failure. We capture the state as a ‘time since last write’ feature and use a basic artificial neural network classifier to detect attacks.

19 citations

Proceedings Article (DOI)
12 Dec 2008
TL;DR: For 128-bit AES, a new robust first-two-rounds access-driven cache timing attack is proposed, which shows that, with the first-round attack alone, 350 samples are enough to recover the full AES key.
Abstract: The uncertainty of cache data access times and the sharing of resources between processes provide a new covert channel that leaks a process's secret information. AES software implementations use many table lookup operations that access the cache, and the lookup indices are closely related to the secret key. For 128-bit AES, we propose a new robust first-two-rounds access-driven cache timing attack. We use a spy process to gather the cache access patterns of the AES process, thereby obtaining the table lookup indices during one AES encryption; combined with certain analysis methods, this finally recovers the full 128-bit AES key. Counter to current belief, our experiments show that, with the first-round attack alone, 350 samples are enough to recover the full AES key. After we extend the attack to the second round, 80 samples are enough to recover the full AES key.

19 citations

Journal Article (DOI)
TL;DR: This work models a timing attack on web privacy proposed by Felten and Schneider using three different approaches: HL-Timed Automata, the SMV model checker, and the tSPA Process Algebra.

19 citations

Journal Article (DOI)
TL;DR: This paper proposes the first single-trace power analysis attack on a constant-time cumulative distribution table (CDT) sampler used in lattice-based cryptosystems, and a countermeasure based on a look-up table.
Abstract: The Gaussian sampler is an integral part of lattice-based cryptography, as it has a direct connection to both security and efficiency. Although the Gaussian sampler is theoretically secure, the security of its implementation is an open issue. Therefore, researchers have started to investigate the security of the Gaussian sampler against side-channel attacks. Since the performance of the Gaussian sampler directly affects the performance of the overall cryptosystem, the countermeasures applied in the literature consider only timing attacks. In this paper, we propose the first single-trace power analysis attack on a constant-time cumulative distribution table (CDT) sampler used in lattice-based cryptosystems. From our analysis, we were able to recover every sampled value in the key generation stage, so that the secret key is recovered by Gaussian elimination. By applying our attack to the candidates submitted to the National Institute of Standards and Technology (NIST), we were able to recover over 99% of the secret keys. Additionally, we propose a countermeasure based on a look-up table. To validate the efficiency of our countermeasure, we implemented it in Lizard and measured its performance. We demonstrated that the proposed countermeasure does not degrade the performance.

19 citations


Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations, 89% related
Public-key cryptography: 27.2K papers, 547.7K citations, 88% related
Encryption: 98.3K papers, 1.4M citations, 85% related
Authentication: 74.7K papers, 867.1K citations, 85% related
Key (cryptography): 60.1K papers, 659.3K citations, 83% related
Performance
Metrics
No. of papers in the topic in previous years
Year  Papers
2023  12
2022  21
2021  20
2020  30
2019  56
2018  49