Timing Attack
67 views
Skip to first unread message
Jo Tan
Feb 5, 2017, 12:11:45 PM2/5/17
to Keyczar Discuss
Hello guys i am a student of computer science i am doing timing attack for my final year project. but i have tried to attack keyczar(old version).
it doesnt seems to have any timing difference but i've check the source code that contains cache leak. I have use HMAC_SHA1 key purpose SIGN_AND_VERIFY and I called signer class but I am not sure if the signer class will call the verify function from the hmackey class.
Steve Weis
Feb 6, 2017, 10:46:26 AM2/6/17
to Keyczar Discuss
Hi Jo. There was a HMAC validation timing attack found by Nate Lawson 8 years ago when it lived on the Google Code repository. Here is his blog post:
https://rdist.root.org/2009/05/28/timing-attack-in-google-keyczar-library/
If you want to reproduce it in Java, replace instances of safeArrayEquals with Arrays.equals, as described in the blog post:
https://github.com/google/keyczar/blob/master/java/code/src/org/keyczar/util/Util.java#L372
You mentioned a "cache leak". I don't know of publicly reported cache side-channel attacks specific to Keyczar. I would not be surprised to find cache side-channels in OpenSSL or the JCE, which is relies upon.
https://rdist.root.org/2009/05/28/timing-attack-in-google-keyczar-library/
If you want to reproduce it in Java, replace instances of safeArrayEquals with Arrays.equals, as described in the blog post:
https://github.com/google/keyczar/blob/master/java/code/src/org/keyczar/util/Util.java#L372
You mentioned a "cache leak". I don't know of publicly reported cache side-channel attacks specific to Keyczar. I would not be surprised to find cache side-channels in OpenSSL or the JCE, which is relies upon.
Reply all
Reply to author
Forward
0 new messages