Questions tagged [timing-attack]
For questions about attacking cryptosystems by measuring computation times.
85 questions
0
votes
0
answers
67
views
Strategy for analyzing a remote password checker that only works on its original host (CTF challenge)
I’m working on a reverse-engineering challenge from CTF and I’m trying to figure out the most effective analysis strategy rather than a direct solution.
The challenge provides access to a remote ...
3
votes
1
answer
147
views
Avoiding timing attacks with proportional delay?
Assume that you are given an input which you want to verify is contained within a Hash Set of secrets. Checking that a value is contained in a Hash Set is not a constant time operation relative to the ...
4
votes
1
answer
322
views
Fingerprinting a Tor onion service by amount of CPU cores?
I am wondering if in theory it is possible to make an estimation of the available CPU cores a server has -- and whether that information could be used as a distinguishing trait to reduce the anonymity ...
- 3,530
2
votes
2
answers
1k
views
Preventing authentication (login) timing attacks in a nodejs application
I am using graphql and my login function is resolved using a promise. The username is an email address.
The steps in the logic are the following: -
Validate CRSF token else return generic response (&...
- 63
4
votes
2
answers
2k
views
argon2id: Do I have to protect against timing attacks on login?
From other password hashing algorithms, I know that when a user tries to log in, and the account does not exist in the first place, it's best practice to still hash the provided password, so as not to ...
- 143
4
votes
1
answer
2k
views
Is using `crypt` in PostgreSQL for password comparison secure against timing attacks?
I'm currently using PostgreSQL with the pgcrypto extension to store and verify user passwords. When a user logs in, I compare the entered password with the stored hash using the following query:
...
- 45
2
votes
1
answer
844
views
How can a timing/cache side-channel attack be performed? How can attack know the time of which certain instructions are performed by the victim?
About timing my question is:
How can attack know the time of which certain instructions are performed by the victim?
And about the cache, how can attacker know which cache line is being accessed by ...
- 547
2
votes
0
answers
120
views
what snort rules can detect covert channels?
I'm new to snort. I'm trying to set up rules in snort to detect the presence of covert timing channels. Ideally, I would like to use pre-made rules like the snort community rules.
So far, I've found ...
- 31
2
votes
0
answers
91
views
What optimization can be made for nanosecond IO and CPU stability when performing a timing attack?
I'm using Rust to create a program to attempt a timing attack on a network resource (a printer I lost a password to). I'm wired directly into it. What Linux environmental constraints can I optimize to ...
- 3,247
1
vote
1
answer
199
views
Are webservers's file serving safe against timing attacks?
Context
I've been recently looking at UUIDs (mostly v4) and their uses to maybe start using them in some of my apps. I started asking myself some question about security as one does. Then I fell on ...
- 111
1
vote
1
answer
294
views
Timing Attack using bcrypt.js
I am using bcrypt.js for basic login. I have found that the below code runs noticeably quicker when no user is found, since it exits immediately, and no check is done on the hash. This could give an ...
- 153
0
votes
1
answer
153
views
Constant-time processing only for failures okay?
Premise: When looking up a secret value in a DB (API key, token, maybe username) it's near-impossible to guarantee that the lookup doesn't leak something about the similarity of the candidate value to ...
- 125
0
votes
0
answers
182
views
Is there a generic way to prevent HTTP timing attacks for sensitive requests?
If I have sensitive HTTP routes that could be subject to timing attacks (trying to guess an ID, user, etc.), is there a way without modifying the application code that it could be wrapped with a ...
- 3,492
1
vote
2
answers
306
views
What are best practices for finding an account in a SQL database during authentication? Is using `LIMIT 1` vulnerable to timing attacks?
I have a application where users can log in by providing a username or email address (both case insensitive) and a password. In the users table in the database, the relevant account information is ...
- 13
3
votes
1
answer
289
views
Does this theoretical salted-hash-sleep scheme mitigate timing attacks?
This question is purely theoretical, I have no intention of ever implementing this scheme in practice. I'm familiar with the shortcomings of sleeping as means of mitigating timing attacks. I'm more ...
- 145