Web Timing Attacks Made Practical

Presented at Black Hat USA 2015, Aug. 6, 2015, 9:45 a.m. (50 minutes)

Timing side-channel attacks are a well-known class of flaw in cryptographic systems and applications in general. While these issues have been researched for decades, the complexities involved in obtaining accurate timing measurements and performing accurate statistical analysis has prevented the average pentester from identifying and exploiting these issues on a day-to-day basis.

In this paper, we build on past research to make remote timing attacks practical against modern web applications. We scrutinize both methods of data collection and statistical analysis used by previous researchers, significantly improving results in both areas. We implement an adaptive Kalman filter, which provides greater accuracy in classifying timing differences, making timing attacks more practical in congested networks and speeding up attacks in ideal conditions. As part of this research, a new open source timing attack tool suite is being released to the community.


Presenters:

  • Jason Morgan - The Ohio State University
    Jason Morgan is a PhD candidate in political methodology at The Ohio State University. His research focuses on time series, event history, and dynamic network modeling and well as experimental methods and causal inference. Before entering the program at Ohio State, Jason completed a Masters at Boston College and prior to that worked as a senior associate for Johnson Economics in Portland, Oregon where he performed macroeconomic and real estate demand forecasting.
  • Timothy Morgan - Blindspot Security LLC
    Tim Morgan performs a wide variety of technical assessments for his customers, including application penetration testing, network penetration testing, social engineering, vulnerability research, and technical advisory work. Over the years, Tim as identified and responsibly published numerous security vulnerabilities in a variety of software products, including: IBM Tivoli Access Manager, the Java Runtime Environment, Google Chrome, OpenOffice, Oracle WebLogic Application Server, and IBM Websphere Commerce. Tim also develops and maintains several open source forensics tools in addition to Bletchley, an application cryptanalysis toolkit. Tim earned his computer science degrees from Harvey Mudd College (BS) and Northeastern University (MS).

Links:

Similar Presentations: