AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/

Practical Timing Attacks using Mathematical Amplification of Time Difference in == Operator

**Speakers**
## Mostafa Siraj

Timing attacks are usually undervalued by most web penetration testers. In this presentation, I'll talk in detail about timing attacks. I'll focus specifically on the wrong use of the == operator and the equals function, which do byte-by-byte comparison in all modern programming languages such as .NET, Java and Python. Using the == operator and equals functions in sensitive operations could lead to complete compromise of the system. The novelty of this talk is in the updated mathematical equation I used to increase the time difference in the response from the vulnerable server and hence improve the accuracy (the last equation in the following section). The other important aspect is the real-world attack examples that I'll present; finally I'll cover the challenges to timing attacks (like network delays) and how I overcame them in my attacks.

Timing attacks are very tricky. The sources of noise are many. You can always fall into the trap of believing that the data you gathered and analyzed means something when actually it doesn't. Following the right approach (which I'll explain in this presentation), you can convert an infeasible brute-force attack against a system into a feasible timing attack.

The main equations that drive this attack are as follows:

c := the character set of the target string

n := the total length of the target string

Brute force:

c^n trials

(usually infeasible to perform; sometimes you would need the Earth's lifetime to break the system)

Timing attack in a perfect environment:

c * n trials

(usually infeasible as well, due to noise)

Realistic timing attack:

c^t * n/t * l trials

where t << n and c^t can be generated in reasonable time, and

l is the number of trials needed to reduce the error from noise and distinguish between a valid and an invalid trial.

By carefully selecting t, a timing attack can be performed. t should be big enough to make a statistical difference over the variance in network delay and small enough to execute the attack in reasonable time. Statistical approaches such as null and alternative hypothesis testing are some of the means to analyze the timing attack results.
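As an added example (not from the talk or its author), the following Python models the leak the abstract describes: a byte-by-byte comparison that stops at the first mismatch does an amount of work that depends on how long a prefix of the input matched, while `hmac.compare_digest` does not. It also evaluates the trial-count formulas above with the abstract's symbols c, n, t and l; the function names and sample values are my own.

```python
import hmac


def early_exit_equal(a: bytes, b: bytes) -> tuple[bool, int]:
    """Model of the comparison behind == / equals(): returns (result,
    number of byte comparisons performed). Work stops at the first
    mismatch, so the count (and the time it takes) leaks how long a
    prefix of the guess matched the secret."""
    if len(a) != len(b):
        return False, 0
    steps = 0
    for x, y in zip(a, b):
        steps += 1
        if x != y:
            return False, steps
    return True, steps


def constant_time_equal(a: bytes, b: bytes) -> bool:
    """Hardened form: compare_digest examines every byte of equal-length
    inputs, so the comparison's duration no longer depends on content."""
    return hmac.compare_digest(a, b)


def prefix_leak_profile(secret: bytes, guesses: list[bytes]) -> list[int]:
    """Defender's check for a comparison routine: if the work count
    rises with the matched prefix, the routine leaks position data."""
    return [early_exit_equal(secret, g)[1] for g in guesses]


def brute_force_trials(c: int, n: int) -> int:
    """c^n trials for a string of length n over a c-symbol alphabet."""
    return c ** n


def timing_attack_trials(c: int, n: int, t: int, l: int) -> int:
    """c^t * n/t * l trials from the abstract: guess t characters at a
    time, n/t chunks, l repetitions per guess to average out noise.
    This model assumes t divides n."""
    if n % t:
        raise ValueError("t must divide n in this model")
    return c ** t * (n // t) * l


if __name__ == "__main__":
    # Constructed sample secret and guesses, not real credentials.
    secret = b"s3cretkey"
    print(prefix_leak_profile(secret, [b"xxxxxxxxx", b"s3xxxxxxx", secret]))
    print(brute_force_trials(16, 32), timing_attack_trials(16, 32, 2, 100))
```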

Senior Security Analyst

Mostafa is an information security professional specializing in application security. He started his career as a freelance developer working on all major programming platforms (.NET, Java, Python, Lisp, C++) with clients from all over the world; shortly after, he admired the application...

Thursday September 24, 2015 1:00pm - 1:55pm PDT

Room D

Topic: AppSec

**Tags** Day3and4