TID-330: Cryptographic Timing Side-Channel

Threat Description

Algorithms or code implementations of cryptographic processes will sometimes leak information by ending operations early or late based on, and correlated with, the input/key.

If a threat actor is able to execute code on a processor performing a cryptographic operation, they may be able to infer the resulting key from that operation by measuring the timing it takes to perform the various functions.

For example, if a function like memcpy (which performs byte-by byte comparison) is used to check an HMAC value, by measuring the time it takes for the function to execute, the length of time needed to brute force guess a key can be significantly reduced.

Threat Maturity and Evidence

Known Exploitable Weakness

• XBOX 360 HMAC Comparison
  “A memcmp function is used to check the CB-auth HMAC-hash value. The value is 16-bytes long and is done byte-by-byte wise. By changing one byte at a time it’s possible to determine if a byte is the valid (true) by measuring the time to compare a false and a true value. Measuring each byte will in the end reveal the correct hash and the boot process can continue.
  The time differences for a valid and false value is about 2200 microseconds.
  Possibilities: 16 bytes * 256 different possibility for each byte, total 4096 tries. Statistically only half has to be tried, 2048 tries.”

CWE

• CWE-208: Observable Timing Discrepancy (Base)
  “Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.”

• CWE-1254: Incorrect Comparison Logic Granularity (Base)
  “The product’s comparison logic is performed over a series of steps rather than across the entire string in one operation. If there is a comparison logic failure on one of these steps, the operation may be vulnerable to a timing attack that can result in the interception of the process for nefarious purposes.”

CVE

• OpenSSL Timing Side-Channel Vulnerability in ECDSA Signature Computation - CVE-2024-13176 “A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.”