Timing attacks

I’ve just read an interesting article (linked) that describes how a Google encryption library was hacked by detecting how long it took for the code to fail the request. The longer it took, the more of the key was correct.

The solution was to make sure that the comparision always compared every character regardless of how many were correct.

However that’s only one solution to a particular, limited scenario.

A commentor described how a library may take several different paths to analyse a request. Making sure that all of those different paths took the same amount of time would be very difficult, if not impossible.

There may be a simpler solution.

Way (way) back when I were a lad, I put a microswitch and an alarm on my bedroom door, but my brother would always find and defeat the switch as the alarm always went off as soon as the switch was tripped.

I solved the problem by adding a delay to the alarm, it was then impossible to tell how the alarm was triggered.

It occurs to me that a similar solution would work here. Just add a random delay into the code and you will add enough noise to mask what the code is really doing to the outside world.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s