Web Timing Attacks Made Practical

by Timothy Morgan & Jason Morgan Timing side-channel attacks are a well-known class of flaw in cryptographic systems and applications in general. While these issues have been researched for decades, the complexities involved in obtaining accurate timing measurements and performing accurate statistical analysis has prevented the average pentester from identifying and exploiting these issues on a day-to-day basis. In this paper, we build on past research to make remote timing attacks practical against modern web applications. We scrutinize both methods of data collection and statistical analysis used by previous researchers, significantly improving results in both areas. We implement an adaptive Kalman filter, which provides greater accuracy in classifying timing differences, making timing attacks more practical in congested networks and speeding up attacks in ideal conditions. As part of this research, a new open source timing attack tool suite is being released to the community.