Tuesday, July 21, 2015

Timing attacks

What are the timing attacks?

The timing attacks are the ones that are applicable when it takes different time for an application to compare the provided secret with the original one. When does it take the different time? When comparison is performed symbol by symbol and stops once the current symbols in the provided secret is different from the current symbol in the original one.

def compare_secrets(secret_original, secret_provided):
  if len(secret_original) != len(secret_provided):
    return False

  for x in secret_original:
    for y in secret_provided:
      if x != y:
        return False

  return True

It takes one amount of time to compare the same passwords or strings, for the different ones it takes another, less, amount.

One can, however, argue that the time difference is so negligible so that it's impossible to exploit this vulnerability. Against all the odds, it is possible. My code had this vulnerability https://github.com/GildedHonour/rust-jwt/issues/1

How to exploit it?

Try to brute-force the password and measure the time it takes for the application to respond. When the current attempt takes less time than the previous one, it implies that the current password partially matches the original one. That is, the less time is takes, the larger amount of symbols match. By keeping brute-forcing the password and analyzing the response time, you can eventually find the password.

How to protect your code?

Don't break the process when the symbols are different. When it comes to performance, it's, indeed, not efficient. However, from the point of view of security this code is safe.

 def compare_secrets(secret_original, secret_provided):
  res = True
  for x in secret_original:
    for y in secret_provided:
      if x != y and res == True:
        res = False

  return res

No comments :

Post a Comment