Subject | Re: [Firebird-general] Security paranoia |
---|---|
Author | Dimitry Sibiryakov |
Post date | 2014-02-07T23:02:13Z |
07.02.2014 23:01, Lester Caine wrote:
> Supports what I had already worked out myself so
> I'll go back and ask who has proof that the concept can be used. All the notes
> posted so far relate to theoretical conjecture rather than fact:)
For this attack to succeed, a few conditions must be met:
1) Security algorithm must compare two arrays of bytes one-by-one;
2) Comparison must stop as soon as any difference is found;
3) By timing you must be able to derive how many bytes were compared before failure.
First two conditions are easy and common. Third one isn't. It means that comparison
must be slow. Some kind of microcontroller in a door lock may fit the condition. Ordinary
server CPU where string comparison is one command, executed in the worst case with speed
one byte per tick... Well, targeted time difference should be about 1e-9 second. I know no
way to detect such tiny difference over network.
Besides, timing attack is a kind of brute force attack: attacker must make at least 37
attempts per one char. Firebird blocks brute force at (IIRC) third attempt, soooo...
--
WBR, SD.
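
Added illustration, not part of the original message and not Firebird code: the early-exit comparison that conditions 1 and 2 describe, next to a constant-time comparison that removes condition 2. The sample secret, the function names and the step counter (a deterministic stand-in for the timing that condition 3 refers to) are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>

#define LEN 8
/* Constructed sample secret of fixed length (think: a stored digest). */
static const unsigned char STORED[LEN] = {'S','3','c','r','e','t','P','w'};

/* Conditions 1 and 2: byte-by-byte, stop at the first difference.
   *steps = bytes examined, the quantity condition 3 says timing must reveal. */
int early_exit_equal(const unsigned char *a, const unsigned char *b,
                     size_t n, size_t *steps)
{
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) { *steps = i + 1; return 0; }
    }
    *steps = n;
    return 1;
}

/* Constant-time variant: always examines all n bytes and has no
   data-dependent branch, so the work done says nothing about the prefix. */
int constant_time_equal(const unsigned char *a, const unsigned char *b,
                        size_t n, size_t *steps)
{
    volatile unsigned char diff = 0;   /* volatile: keep the loop intact */
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    *steps = n;
    return diff == 0;
}

/* Helpers: bytes examined when a LEN-byte guess is checked against STORED. */
size_t early_steps(const char *g)
{
    size_t s = 0;
    early_exit_equal(STORED, (const unsigned char *)g, LEN, &s);
    return s;
}
size_t ct_steps(const char *g)
{
    size_t s = 0;
    constant_time_equal(STORED, (const unsigned char *)g, LEN, &s);
    return s;
}

int main(void)
{
    const char *guesses[] = {"XXXXXXXX", "S3cXXXXX", "S3cretPw"}; /* constructed */
    for (int i = 0; i < 3; i++)
        printf("%s early-exit=%zu constant-time=%zu\n",
               guesses[i], early_steps(guesses[i]), ct_steps(guesses[i]));
    return 0;
}
```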