BlackHat资料us-14-Mayer-Time-Trial-Racing-Towards-Practical-Timing-Attackss.pdfVIP

Time Trial Racing Towards Practical Remote Timing Attacks Daniel A. Mayer Joel Sandin @DanlAMayer jsandin@ Who we are… ‣ Daniel A. Mayer • Senior Appsec consultant with Matasano Security. • Ph.D. in Computer Science (Security and Privacy). ‣ Joel Sandin • Appsec consultant with Matasano ‣ Matasano Security • Application Security Consultancy. • Offices in New York, Chicago, Sunnyvale. • Part of Daniel A. Mayer and Joel Sandin » Time Trial 2 Agenda 1. Introduction 2. Side-Channels 3. Remote Timing Attacks 4. Our Tool: Time Trial 5. Timing Attacks in Practice 6. Conclusion Daniel A. Mayer and Joel Sandin » Time Trial 3 Introduction Daniel A. Mayer and Joel Sandin » Time Trial 4 Timing Attacks Daniel A. Mayer and Joel Sandin » Time Trial 5 “Regular Vulns” vs. Side-Channels ‣ Many vulnerabilities well understood • XSS, CSRF, SQL injection • More developers becoming aware • Frameworks making it harder to introduce bugs ‣ Side-channels: Less so • Easy to introduce using “innocent” operators • Hard to observe and test for • Have to go out of one’s way to prevent them Daniel A. Mayer and Joel Sandin » Time Trial 6 Examples of Side-Channels ‣ Power consumption ‣ RF emissions ‣ Faults ‣ Processing Time ‣ Really, anything that can be measured and is related to a secret. Daniel A. Mayer and Joel Sandin » Time Trial 7 Timing Side-Channels ‣ Can observe delay before a system responds and reason about what the system was doing ‣ Easy to introduce by using regular comparison function or control flow based on hidden system state ‣ Allows an attacker to