timing attacks for recovering private entries from
play

Timing Attacks for Recovering Private Entries From Database Engines - PowerPoint PPT Presentation

Aug 14, 2023 •237 likes •826 views

Timing Attacks for Recovering Private Entries From Database Engines August 1, 2007 Damian Saura, Ariel Futoransky and Ariel Waissbein -Core Security Technologies- Why are DBs interesting to attackers Database management systems are used

  1. Timing Attacks for Recovering Private Entries From Database Engines August 1, 2007 Damian Saura, Ariel Futoransky and Ariel Waissbein -Core Security Technologies-

  2. Why are DBs interesting to attackers • Database management systems are used to store huge amounts of data that need to be searched for and refreshed. – E.g., target credit card data, health care info., social security numbers and other personal data, ... • So DbMSs and the servers that host them are targets of attacks Web Internet Web Application DbMS Users Internal Users

  3. How to compromise a DB • An attacker breaks into the web server hosting the DB. – Insecure configuration, lack of patching, … • An attacker exploits a SQL-injection vulnerability in the web application (front-end of the DB). – Insecure development of the webapp • An attacker leverages lax permissions and privilege levels in the DB. – Someone that can connect to the server, but is not a DB user, compromises an insecure authentication protocol. – A legitimate user siphons out confidential data. • An attacker uses a timing side-channel that relies on the ability to make INSERTs with chosen data.

  4. Main result: scenario • Consider a populated table in one deployed database management system (e.g., MySQL, MS SQL, Oracle, …) • Users cannot retrieve data from one column directly, but can insert values in this “privacy-sensitive” column. • Users can measure the response time of the INSERT transaction.

  5. Intro: Main result (2) • Then an attacker, passing as a user, can retrieve the values of this column. – The success of the attack depends on the accuracy to time inserts and other parameters – The “complexity” of the attack can be measured by the number of inserts it requires. – The number of inserts required is proportional to the size (in bits) of these values, times the number of values retrieved.

  6. Intro: Main result (3) • Explicitly, – We designed a side-channel attack that relies only on a data structure, B-trees, that is used by most commercial DbMS and the ability to make inserts in the target field and time responses (accurately). – We implemented the attack in our lab against a MySQL database and proved it real. • Further remarks, – What does this vulnerability imply? – The attack could be improved (complexity).

  7. Indexing table columns, containing sensitive data, is dangerous. A first example

  8. The CMS • Imagine a Content Management System (CMS) that: – displays a user/password table (as below) and – when a user clicks on Password, the table entries are sorted according to the alphabetical order of the passwords. • A user that is allowed to add entries to the table can then execute a divide et impera search (Latin for binary search) for any other user's password. Username Password Dick ****** Harry ****** Tom ****** ….

  9. The CMS • Imagine a Content Management System (CMS) that: – displays a table of the form and – when a user clicks on Password, the table is reordered according to the alphabetical order of the passwords. • A user that is allowed to register can then execute a divide et impera search for any other user's password. Username Password Username Password Dick ****** Tom ****** Harry ****** Dick ****** Tom ****** Harry ****** …. …. Hence Tom’s password < Dick’s password There is an information leak!

  10. Abstract and talk outline 1. Database management systems 2. DbMS leak information 3. An attack that exploits this leak 4. Experiments with MySQL 5. Extensions, countermeasures and discussion

  11. Database management systems and how is indexing implemented

  12. Intro to DbMSs: Scenario • Clients connect to access high volumes of data – Persistent storage – Queries / data manipulation • Need for efficient searching, writing and deleting data Web – Programming interface. server DbMS DB users

  13. Databases (e.g., RM & SQL) • The relational model & the SQL standard. • Data is stored in tables: each row contains a record, and the columns represent the record fields. • If table rows are not sorted by the values in its fields, then each search/insert/delete query (over a field) requires scanning all the column. – Thus, TABLES SHOULD BE SORTED! – In fact, updating, inserting and deleting must be optimized. • Can’t store everything in RAM. Must use the hard drive and retrieve data to memory in chunks. Name Passport Football team Cacho 32102806 San Lorenzo Pedro 25061305 River Tomas 9567205 Racing

  14. Database architecture User • Data is stored in “sorted chunks” (i.e., pages). Query Compiler • The querying process: Execution – The user makes queries. engine – To answer, the DbMS retrieves Storage architecture only the required pages from Index/file/ Storage into memory. record manager – The cost of page I/O dominates the cost of typical DB operations. Buffer manager Storage • To understand more deeply how manager this cost is affected by queries, we must analyze indexes. Storage

  15. Sorting tables • Each DB table requires one primary index – It can be generated automatically by the DbMS, or according to a user-selected search key (e.g., a field). • Each index produces an (internal) table that is stored by the DbMS in an index data structure (e.g., B-trees): – Storing each search-key together with a pointer to the data (row), or – Storing the data together with the search key. 9567205, p 1 25061305, p 2 32102806, p 3 Unclustered index Pass. Data 9567205 Tomas, Racing 25061305 Pedro, River 32102806 Cacho, San Lorenzo Clustered index 9567205, Tomas, Racing 25061305, Pedro, River 32102806, Cacho, San Lorenzo …

  16. B+ trees design principles • Each node can store at most a prefixed amount of search keys (and occupies one disk page in Storage). • Each node must be at least half full. • Each search key is paired with a pointer or the data. • Leaf nodes (lower level) are linked in a list (black arrows below). 28 <28 ≥ 28 8 13 28 35 <8 ≥ 8 ≥ 35 1 4 5 8 9 13 17 19 22 28 30 31 35 92

  17. Search & Insert in a B+ tree • Looking up a search-key value or range is easy, we start from the root node and move down as in the picture below. • Inserts to non-full nodes are likewise easy. • Operations that require adding/deleting nodes: let’s see… 28 <28 ≥ 28 8 13 28 35 <8 ≥ 8 ≥ 35 1 4 5 8 9 13 17 19 22 28 30 31 35 92

  18. The effect of inserts (TOY EXAMPLES) 1 4 6 7 9 10 50 58 72 94 99 • Let’s picture two consecutive leaf nodes. • We start adding random values until the left leaf is full.

  19. The effect of inserts (2) 1 4 6 7 9 10 50 58 72 94 99 Insert 15 15 1 4 6 7 9 10 50 58 72 94 99

  20. The effect of inserts (2) 1 4 6 7 9 10 50 58 72 94 99 Insert 15 15 1 4 6 7 9 10 50 58 72 94 99 Insert 21 21 50 58 72 94 99 1 4 6 7 9 10 15

  21. The effect of inserts (2) 1 4 6 7 9 10 50 58 72 94 99 Insert 15 15 1 4 6 7 9 10 50 58 72 94 99 Insert 21 21 50 58 72 94 99 1 4 6 7 9 10 15 Insert 18 15 18 1 4 6 7 9 10 50 58 72 94 99 21

  22. The effect of inserts (2) 1 4 6 7 9 10 50 58 72 94 99 Insert 15 15 1 4 6 7 9 10 50 58 72 94 99 Insert 21 21 50 58 72 94 99 1 4 6 7 9 10 15 Insert 18 15 18 1 4 6 7 9 10 50 58 72 94 99 21 Insert 43 21 43 1 4 6 7 9 10 15 18 50 58 72 94 99

  23. The effect of inserts (2) 1 4 6 7 9 10 50 58 72 94 99 Insert 15 15 1 4 6 7 9 10 50 58 72 94 99 Insert 21 21 50 58 72 94 99 1 4 6 7 9 10 15 Insert 18 15 18 1 4 6 7 9 10 50 58 72 94 99 21 Insert 43 21 43 1 4 6 7 9 10 15 18 50 58 72 94 99 Insert 33 33 1 4 6 7 9 10 15 18 21 43 50

  24. There is a data leak • Once the left node is full, it is split in two. • Remember: each node must be at least half full. • An insert that produces a split takes more time than other inserts! 50 … 1 4 6 7 9 10 15 18 21 33 43

  25. How to turn the information leak into an attack E.g., can we use split detection to find key values?

  26. Inserting: consecutive values • Each line represents a leaf, that can fit 10 search keys. • Previous inserts are in white, the attacker’s inserts in red. • What happens if a user knows the leaf starts at 3, the next leaf starts at 25 and inserts “11,…,16”? 3 6 7 9 10

  27. Inserting: consecutive values • Each line represents a leaf, that can fit 10 search keys. • Previous inserts are in white, the attacker’s inserts in red. • What happens if a user knows the leaf starts at 3, the next leaf starts at 25 and inserts “11,…,16”? 3 6 7 9 10 11 12 13 14 15 3 6 7 9 10

  28. Inserting: consecutive values (2) 11 12 13 14 15 3 leaf status before * * * * inserting 16 • The user inserts11-16 and knows nothing about the pre- existent keys (other than 3). • Assume that he knows that “16” produced a split! • Then, he knows that there are 4 keys between 3 and 11! • If the user has more information about the particular B+- tree implementation, he can guess what is the new leaves configuration. – This is because, some DbMSs use an optimization of B+- trees and will not split leaves in halves in certain cases.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing attacks important? Clarifications Zero-One Gap / Neighborhood Size etc. Problems Questions Extensions Contribution Discussion

645 views • 26 slides
From Recovering Time to Timing Recovery: Some Challenges for the TAU Community Andrew B. Kahng

From Recovering Time to Timing Recovery: Some Challenges for the TAU Community Andrew B. Kahng

From Recovering Time to Timing Recovery: Some Challenges for the TAU Community Andrew B. Kahng Depts. of CSE and ECE UC San Diego abk@ucsd.edu http://vlsicad.ucsd.edu/~abk TAU-2016 Keynote: In Search of Lost Time Recovering

946 views • 47 slides
The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen, Nick Nikiforakis Background: Timing attacks Introduced by Felten et al. in 2000. A side-channel attack analyzing the time that it takes to a

642 views • 21 slides
CacheQuote: Efficiently Recovering Long- term Secrets of SGX EPID via Cache Attacks August 29 #$

CacheQuote: Efficiently Recovering Long- term Secrets of SGX EPID via Cache Attacks August 29 #$

CacheQuote: Efficiently Recovering Long- term Secrets of SGX EPID via Cache Attacks August 29 #$ 2018 University of Pennsylvania, Security Seminar Gabrielle De Micheli Joint work with: Fergus Dall, Thomas Eisenbarth, Daniel Genkin, Nadia

751 views • 46 slides
CacheQuote: Efficiently Recovering Long- term Secrets of SGX EPID via Cache Attacks September 5

CacheQuote: Efficiently Recovering Long- term Secrets of SGX EPID via Cache Attacks September 5

CacheQuote: Efficiently Recovering Long- term Secrets of SGX EPID via Cache Attacks September 5 &quot;# 2018 MIT, Security Seminar Gabrielle De Micheli Joint work with: Fergus Dall, Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad

742 views • 46 slides
Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in Advanced Topics in Network Security (600/650.624) Outline Traditional threat model in cryptography Side-channel attacks Kochers

1.19k views • 77 slides
Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi

Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi

Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi @danielmgmi https://moghimi.org Security Researcher PhD Candidate @ WPI Microarchitectural Attacks Side Channels Breaking Crypto

1.2k views • 71 slides
Remote Timing Attacks are Still Practical Billy Brumley Nicola Tuveri Aalto University School of

Remote Timing Attacks are Still Practical Billy Brumley Nicola Tuveri Aalto University School of

Remote Timing Attacks are Still Practical Billy Brumley Nicola Tuveri Aalto University School of Science, Finland {bbrumley,ntuveri}@tcs.hut.fi Synopsis New remote timing attack vulnerability in OpenSSLs implementation of Montgomerys

487 views • 25 slides
Cache-Timing Attacks Matteo BOCCHI System Research &amp; Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research &amp; Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research &amp; Applications STMicroelectronics S.r.l. 2018/12/06 Agenda 2 STM32 Nucleo Boards STM32 Firewall Cache-Timing Attack Evict&amp;Time vs. MbedTLS AES on STM32

477 views • 20 slides
No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing

No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing

IEEE S&amp;P 2016 No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis May 24, 2016 Wenrui Diao , Xiangyu Liu, Zhou Li, and Kehuan Zhang 2/18 Motivation -- Hardware and Kernel Mobile platform

700 views • 21 slides
Determinating Timing Channels in Compute Clouds Amittai Aviram, Sen Hu, Bryan Ford Yale

Determinating Timing Channels in Compute Clouds Amittai Aviram, Sen Hu, Bryan Ford Yale

Determinating Timing Channels in Compute Clouds Amittai Aviram, Sen Hu, Bryan Ford Yale University http://dedis.cs.yale.edu/ Ramakrishna Gummadi University of Massechusetts Amherst CCSW, October 8, 2010 Timing Attacks Cooperative attacks

471 views • 30 slides
Exclusive Exponent Blinding May Not Suffice Attacks on RSA to Prevent Timing Attacks on RSA

Exclusive Exponent Blinding May Not Suffice Attacks on RSA to Prevent Timing Attacks on RSA

Exclusive Exponent Blinding May Not Suffice to Prevent Timing Exclusive Exponent Blinding May Not Suffice Attacks on RSA to Prevent Timing Attacks on RSA Werner Schindler Bundesamt f ur Sicherheit in der Werner Schindler

553 views • 23 slides
Plugging Side-Channel Leaks with Timing Information Flow Control Bryan Ford Yale University

Plugging Side-Channel Leaks with Timing Information Flow Control Bryan Ford Yale University

Plugging Side-Channel Leaks with Timing Information Flow Control Bryan Ford Yale University http://dedis.cs.yale.edu/ USENIX HotCloud, June 13, 2012 The Long History of Timing Attacks Cooperative attacks apply to: Mandatory Access

359 views • 21 slides
CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded Systems (CHES) 2019 Alejandro Cabrera Aldaya 1 , Cesar Pereida Garca 2 , Luis Manuel Alvarez Tapia 1 , Billy Bob Brumley 2 , {aldaya,

371 views • 21 slides
Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This paper reports successful Thanks to: extraction of a complete AES key University of Illinois at Chicago from a network server NSF CCR9983950 on

1.28k views • 91 slides
Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data Centers Using an Acoustic Side

Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data Centers Using an Acoustic Side

Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data Centers Using an Acoustic Side Channel Mohammad A. Islam, Luting Yang, Kiran Ranganath, and Shaolei Ren Acknowledgement: This work was supported in part by NSF under grants

445 views • 31 slides
1 Alternative File Organizations Model for Analyzing Access Costs Many alternatives, each ideal

1 Alternative File Organizations Model for Analyzing Access Costs Many alternatives, each ideal

Database Management Systems Database Internals API/GUI (Simplification!) Query Optimizer Stats Physical plan Exec. Engine Logging, recovery Schemas Data/etc Requests Catalog Zachary Ives Index/file/rec Mgr CSE 594 Data/etc Requests

586 views • 12 slides
Key Legal Issues in Data Strategy Dan Masur Brad Peterson Partner Partner 1 202 263 3226 1

Key Legal Issues in Data Strategy Dan Masur Brad Peterson Partner Partner 1 202 263 3226 1

Key Legal Issues in Data Strategy Dan Masur Brad Peterson Partner Partner 1 202 263 3226 1 312 701 8568 dmasur@mayerbrown.com bpeterson@mayerbrown.com Speakers Brad Peterson Daniel Masur Partner - Chicago Partner Washington DC

585 views • 30 slides
RTC DATABASE April 2017 March 2018 Dedicated Tx Sessions HTC Chair 4 shared

RTC DATABASE April 2017 March 2018 Dedicated Tx Sessions HTC Chair 4 shared

RTC DATABASE April 2017 March 2018 Dedicated Tx Sessions HTC Chair 4 shared sessions with the role of CH for Tx CH for Tx 11 with sessions 6 CH for Tx with no sessions TLM range between 0-10 TP range

486 views • 20 slides
Exploring Fox River Study Data with Great Lakes To Gulf Virtual Observatory Jong Sung Lee

Exploring Fox River Study Data with Great Lakes To Gulf Virtual Observatory Jong Sung Lee

Exploring Fox River Study Data with Great Lakes To Gulf Virtual Observatory Jong Sung Lee (jonglee1@illinois.edu) Senior Research Scientist, NCSA April 5 th , 2016 @ 4 th Nutrient Monitoring Council Meeting National Center for Supercomputing

394 views • 11 slides
Data Base 2 Professor Carlo Vaccari Ainiwaer Aihemaiti E_mail:anwarsunboy@gmail.com Main

Data Base 2 Professor Carlo Vaccari Ainiwaer Aihemaiti E_mail:anwarsunboy@gmail.com Main

Data Base 2 Professor Carlo Vaccari Ainiwaer Aihemaiti E_mail:anwarsunboy@gmail.com Main Contents Topics of this course Practical Work Conclusions Topics of this course Main Purpose of DW Database Design Data

205 views • 20 slides
Axib ibase Tim ime Series Database Axib ibase Tim ime Series Database Axibase Time-Series

Axib ibase Tim ime Series Database Axib ibase Tim ime Series Database Axibase Time-Series

Axib ibase Tim ime Series Database Axib ibase Tim ime Series Database Axibase Time-Series Database (ATSD) is a clustered non-relational database for the storage of various information coming out of the IT infrastructure. ATSD is specifically

620 views • 44 slides
What is SQL? SQL stands for Structured Query Language SQL lets you access and manipulate

What is SQL? SQL stands for Structured Query Language SQL lets you access and manipulate

SQL is a standard language for storing, manipulating and retrieving data in databases. What is SQL? SQL stands for Structured Query Language SQL lets you access and manipulate databases SQL became a standard of the American National Standards

1.45k views • 101 slides
Big Data Management and NoSQL Databases Lecture 12 PD Dr. Andreas Behrend

Big Data Management and NoSQL Databases Lecture 12 PD Dr. Andreas Behrend

Big Data Management and NoSQL Databases Lecture 12 PD Dr. Andreas Behrend behrend@cs.uni-bonn.de Acknowledgements I am indebted to Prof. Dr.-Ing. Sebastian Michel, Prof. Johan Gamper, and Dr. Holubova for providing me slides. What is Big

1.11k views • 67 slides

More recommend