Timing Attack

Skip to first unread message

Jo Tan

Feb 5, 2017, 12:11:45 PM2/5/17
to Keyczar Discuss
Hello guys i am a student of computer science i am doing timing attack for my final year project. but i have tried to attack keyczar(old version). 
it doesnt seems to have any timing difference but i've check the source code that contains cache leak. I have use HMAC_SHA1 key purpose SIGN_AND_VERIFY and I called signer class but I am not sure if the signer class will call the verify function from the hmackey class.

Steve Weis

Feb 6, 2017, 10:46:26 AM2/6/17
to Keyczar Discuss
Hi Jo. There was a HMAC validation timing attack found by Nate Lawson 8 years ago when it lived on the Google Code repository. Here is his blog post:

If you want to reproduce it in Java, replace instances of safeArrayEquals with Arrays.equals, as described in the blog post:

You mentioned a "cache leak". I don't know of publicly reported cache side-channel attacks specific to Keyczar. I would not be surprised to find cache side-channels in OpenSSL or the JCE, which is relies upon.
Reply all
Reply to author
0 new messages