Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Side Channel Vulnerabilities on
                the Web - Detection and
                Prevention



                    ...
Who am I?

Security Consultant at Virtual Forge GmbH
  Expert at SAP-Software-Security
  Co-author of “Sichere ABAP-Pro...
Agenda

Background
Side channel vulnerabilities on the Web
Timing Side Channels
  Detection
  Attack
  Prevention
S...
Background

Active, intrusive attacks against software systems
 well researched
Vulnerabilities in real systems appear i...
Background

Side channel vulnerabilities allow attackers to infer
 potentially sensitive information just by observing
 n...
Background

 Mind reading? Not as esoteric as you may think...
Which thought do you currently think?
  1.Think   about   ...
Background

Mind reading? Not as esoteric as you may think...



 When we can read human minds: can we also read
       th...
Agenda

Background
Side channel vulnerabilities on the Web
Timing Side Channels
  Detection
  Attack
  Prevention
S...
Side channel vulnerabilities on the Web

Learn what a user types by observing
  reflections of monitor picture [1]
  in...
Side channel vulnerabilities on the Web

Learn existence of user name from
 response time of Web application [4]
 error...
Agenda

Background
Side channel vulnerabilities on the Web
Timing Side Channels
  Detection
  Attack
  Prevention
S...
Timing Side Channels                       1

                                 User                 Error
 Example control...
Timing Side Channels

 Detection and Attack
)sm( emiT esytisn5D
)sm( emiT esytisn5D
            nops00
            nops00
...
Timing Side Channels

 Detection and Attack
)sm( emiT esytisn5D
)sm( emiT esytisn5D
            nops00
            nops00
...
Timing Side Channels

 Detection and Attack
Statistical analysis of response times difficult
  Highly skewed distributio...
Timing Side Channels
                                          User      No      Error
 Preventing timing side            ...
Timing Side Channels                        Delay
                                              1
                        ...
Timing Side Channels

 Mitigation: fix response time to Worst Case Execution Time (WCET)
)sm( emiT esytisn5D
)sm( emiT esy...
Timing Side Channels

 Preventing timing side channels (black box)
Mitigation: fix response time to worst case
 execution...
Agenda

Background
Side channel vulnerabilities on the Web
Timing Side Channels
  Detection
  Attack
  Prevention
S...
Storage Side Channels

 Example for obvious storage side channel: Error
 messages of login forms




                     ...
Storage Side Channels

 Example for obvious storage side channel: Error
 messages of login forms




                     ...
Storage Side Channels

 Example for obvious storage side channel: Error
 messages of login forms

“Invalid user name” → u...
Storage Side Channels

Hidden storage side channel: Secret-dependent
 differences that are invisible to “normal user”
  ...
Storage Side Channels

Noise is a problem for measurements
  lots of dynamic content in HTTP/HTML


 $ diff responses/1....
Storage Side Channels

New method to detect storage side channels (to be
 published S. Schinzel and F. Freiling)
  Facto...
Storage Side Channels

 Results (1/2)
Widely used Content Management System leaks
 information by HTTP header ordering
  ...
Storage Side Channels

 Results (2/2)
Online gallery leaks the amount of private pictures:
7 public images, 0 private ima...
Agenda

Background
Side channel vulnerabilities on the Web
Timing Side Channels
  Detection
  Attack
  Prevention
S...
Conclusion

Side channel vulnerabilities pose a serious threat
 for Web applications with high security
 requirements
Ti...
Conclusion

Side channels can appear in various ways
  Detection is difficult
Side channel attacks are passive
  Attac...
Call for participation!


Academia
  Joint research
  Lots of promising topics for theses (Bachelor, Master,
   Diploma...
Bibliography

 [1]: Michael Backes and Markus Dürmuth and Dominique Unruh, Compromising
 Reflections-or-How to Read LCD Mo...
Thank you for your attention!

   Feedback, discussion?

         Contact:
     Sebastian Schinzel




                   ...
Upcoming SlideShare
Loading in …5
×

of

OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 1 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 2 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 3 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 4 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 5 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 6 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 7 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 8 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 9 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 10 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 11 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 12 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 13 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 14 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 15 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 16 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 17 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 18 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 19 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 20 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 21 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 22 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 23 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 24 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 25 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 26 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 27 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 28 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 29 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 30 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 31 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 32 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 33 OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention Slide 34
Upcoming SlideShare
What to Upload to SlideShare
Next

0 Likes

Share

OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention

Die sichere Entwicklung von Web-Anwendungen ist mittlerweile erschöpfend dokumentiert und es gibt eine Vielzahl von freien Entwicklungsbibliotheken für praktisch jede Sicherheitsfunktionalität. Daher gibt es für Entwickler keine plausiblen Ausreden mehr dafür, Web-Anwendungen mit kritischen Sicherheitsschwachstellen zu entwickeln. Sicherlich gibt es nach wie vor viel zu viele anfällige Web-Anwendungen. Eine zunehmende Zahl von Web-Anwendungen hält Sicherheitsprüfungen jedoch stand und sind somit nicht trivial kompromittierter. Sind die Daten hinter einer Web-Anwendung ohne die gängigen Web-Schwachstellen, z.B. aus der OWASP Top 10, aber wirklich absolut sicher?
Hier kommen Seitenkanalanalysen ins Spiel, die bereits im Bereich der Kryptoanalyse gut erforscht sind. Dabei misst der Angreifer bestimmte Merkmale seines Ziels, die mit bloßem Auge nicht erkennbar sind. Merkmale können z.B. kleine Unterschiede in der Antwortszeit der Web-Anwendung sein, oder auch versteckte Änderungen im Inhalt der Antwort. Korreliert ein Merkmal mit den Daten im Backend, so kann der Angreifer anhand der Merkmale auf die Daten im Backend schließen. Diese Art der Angriffe im Web sind seit einigen Jahren wissenschaftlich dokumentiert, jedoch in der Entwicklergemeinde noch nahezu unbekannt.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

OWASP Germany 2010 - Side Channel Vulnerabilities on the Web - Detection and Prevention

  1. 1. Side Channel Vulnerabilities on the Web - Detection and Prevention Sebastian Schinzel Virtual Forge GmbH University of Mannheim OWASP Germany Conference 2010 Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http://www.owasp.org
  2. 2. Who am I? Security Consultant at Virtual Forge GmbH Expert at SAP-Software-Security Co-author of “Sichere ABAP-Programmierung” at SAP- Press (http://sap-press.de/2037) PHD Student at University of Mannheim (soon University of Erlangen) Research topic: side-channel vulnerabilities in Web Applications OWASP 2
  3. 3. Agenda Background Side channel vulnerabilities on the Web Timing Side Channels Detection Attack Prevention Storage Side Channels Detection Attack Prevention Conclusion OWASP 3
  4. 4. Background Active, intrusive attacks against software systems well researched Vulnerabilities in real systems appear if developers don’t apply countermeasures Let’s assume an application with none of the top Web vulnerabilities (OWASP Top10, SANS Top25, ...) What can attackers still do..? OWASP 4
  5. 5. Background Side channel vulnerabilities allow attackers to infer potentially sensitive information just by observing normal behavior of software system Attacker is a passive observer Apply Paul Watzlawick to software applications “One Cannot Not Communicate (Man kann nicht nicht kommunizieren)” OWASP 5
  6. 6. Background Mind reading? Not as esoteric as you may think... Which thought do you currently think? 1.Think about how your last pizza looked like 2.Think about how a pink elephant with wings looks like 3.Think about the melody of your favorite song 4.Think about the noise of the pink elephant’s wings Your eyes may leak this information [6]... 2 1 4 3 OWASP 6
  7. 7. Background Mind reading? Not as esoteric as you may think... When we can read human minds: can we also read the mind of software applications? OWASP 7
  8. 8. Agenda Background Side channel vulnerabilities on the Web Timing Side Channels Detection Attack Prevention Storage Side Channels Detection Attack Prevention Conclusion OWASP 8
  9. 9. Side channel vulnerabilities on the Web Learn what a user types by observing reflections of monitor picture [1] inter-packet timing in encrypted SSH session [2] Learn about the action a user performs on a Web application by observing packet sizes in encrypted Web traffic [3] OWASP 9
  10. 10. Side channel vulnerabilities on the Web Learn existence of user name from response time of Web application [4] error messages in Web page Timing related Learn private key of SSL server [5] Learn amount of hidden images in Gallery [4] OWASP 10
  11. 11. Agenda Background Side channel vulnerabilities on the Web Timing Side Channels Detection Attack Prevention Storage Side Channels Detection Attack Prevention Conclusion OWASP 11
  12. 12. Timing Side Channels 1 User Error Example control flow of exists? No page login form Yes Control flow have different 2 User Yes length and therefore locked? different execution time No Can we measure the time Yes difference between control User expired? flow 1 and 2? No Password No correct? Yes OWASP 12
  13. 13. Timing Side Channels Detection and Attack )sm( emiT esytisn5D )sm( emiT esytisn5D nops00 nops00 04 04 53 53 e4 e4 e5 e5 3. 3. 2. 2. 1. 1. R R s=0 .3 Min: 34 Max: 150 .2 Avg: 39 Med: 37 Density .1 0 35 40 45 50 Response Time (ms) OWASP 13
  14. 14. Timing Side Channels Detection and Attack )sm( emiT esytisn5D )sm( emiT esytisn5D nops00 nops00 04 04 53 53 e4 e4 e5 e5 3. 3. 2. 2. 1. 1. R R s=0 .3 s=1 Min: 34 Max: 150 .2 Avg: 39 Med: 37 Density .1 0 35 40 45 50 Response Time (ms) OWASP 14
  15. 15. Timing Side Channels Detection and Attack Statistical analysis of response times difficult Highly skewed distribution, sometimes with multiple modi, depending on network conditions and measurement hardware [7] Thus, parametric hypothesis tests (e.g. t-test) useless Detection and attack requires custom hypothesis tests Detection and attack may require many thousand probes (potentially high effort) OWASP 15
  16. 16. Timing Side Channels User No Error Preventing timing side exists? page channels (white box) Yes Join control paths, e.g. User Yes Pack all db queries in one locked? SQL statement No User Yes expired? User exists AND Password correct AND No Error User not locked AND page No User not expired? Password No correct? Yes Yes OWASP 16
  17. 17. Timing Side Channels Delay 1 No User No Error Preventing timing side exists? page channels (black box) Yes Change control flow so that 2 User Yes paths have same execution locked? time, e.g. No Delay short control paths User Yes expired? No Password No correct? Yes OWASP 17
  18. 18. Timing Side Channels Mitigation: fix response time to Worst Case Execution Time (WCET) )sm( emiT esytisn5D )sm( emiT esytisn5D nops00 nops00 04 04 53 53 e4 e4 e5 e5 3. 3. 2. 2. 1. 1. R R s=0 WCET .3 s=1 Min: 34 Min: 150 Max: 150 Max: 150 .2 Avg: 39 Avg: 150 Med: 37 Med: 150 Density .1 0 35 40 45 50 150 Response Time (ms) OWASP 18
  19. 19. Timing Side Channels Preventing timing side channels (black box) Mitigation: fix response time to worst case execution time Pro: No differences in response times Perfect mitigation for timing vulnerabilities Con: Serious performance impact! More performant strategies are currently researched OWASP 19
  20. 20. Agenda Background Side channel vulnerabilities on the Web Timing Side Channels Detection Attack Prevention Storage Side Channels Detection Attack Prevention Conclusion OWASP 20
  21. 21. Storage Side Channels Example for obvious storage side channel: Error messages of login forms OWASP 21
  22. 22. Storage Side Channels Example for obvious storage side channel: Error messages of login forms OWASP 22
  23. 23. Storage Side Channels Example for obvious storage side channel: Error messages of login forms “Invalid user name” → user name does not exist “Invalid password” → user name exists OWASP 23
  24. 24. Storage Side Channels Hidden storage side channel: Secret-dependent differences that are invisible to “normal user” HTTP headers and values HTML meta data ... OWASP 24
  25. 25. Storage Side Channels Noise is a problem for measurements lots of dynamic content in HTTP/HTML $ diff responses/1.content responses/3.content 2c2 < Date: Tue, 22 Jun 2010 17:20:31 GMT --- Time dependent difference > Date: Tue, 22 Jun 2010 17:20:37 GMT 8c8 < Last-Modified: Tue, 22 Jun 2010 17:20:34 GMT --- Time dependent difference > Last-Modified: Tue, 22 Jun 2010 17:20:38 GMT 122c122 < ! ! ! <input type="hidden" name="challenge" value="35018d1af7184bad10944cb617677c99" /> --- Randomly generated difference > ! ! ! <input type="hidden" name="challenge" value="b50cbc351f525fcad0cb0fc97e080b29" /> OWASP 25
  26. 26. Storage Side Channels New method to detect storage side channels (to be published S. Schinzel and F. Freiling) Factor out all irrelevant differences Works on binary data s=0 s=1 Step 1: A1, A2, ..., An B1, B2, ..., Bn Step 2: LCS LCS XA XB Step 3: ! E OWASP 26
  27. 27. Storage Side Channels Results (1/2) Widely used Content Management System leaks information by HTTP header ordering Does user account exist? Non-existent user name (s=0) Existing user name (s=1) HTTP/1.1 200 OK HTTP/1.1 200 OK Date: Mon, 25 Jan 2010 11:47:55 GMT Date: Mon, 25 Jan 2010 11:47:45 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny4 with Suhosin-Patch Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny4 with Suhosin-Patch X-Powered-By: PHP/5.2.6-1+lenny4 X-Powered-By: PHP/5.2.6-1+lenny4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Expires: 0 Last-Modified: Mon, 25 Jan 2010 11:47:55 GMT Cache-Control: no-cache, must-revalidate Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Pragma: no-cache Last-Modified: Mon, 25 Jan 2010 11:47:45 GMT Vary: Accept-Encoding Vary: Accept-Encoding Content-Type: text/html;charset=iso-8859-1 Content-Type: text/html;charset=iso-8859-1 Content-Length: 5472 Content-Length: 5472 OWASP 27
  28. 28. Storage Side Channels Results (2/2) Online gallery leaks the amount of private pictures: 7 public images, 0 private image (s=0) <div style='float:left'>Pictures - <a href='display.php?t=bycat&amp;q=4&amp;nr=7&amp;st=0&amp;upto=12&amp;p=1'> <span style='color:#fff'>Other</span> </a> </div> 7 public images, 1 private image (s=1) <div style='float:left'>Pictures - <a href='display.php?t=bycat&amp;q=4&amp;nr=8&amp;st=0&amp;upto=12&amp;p=1'> <span style='color:#fff'>Other</span> </a> </div> OWASP 28
  29. 29. Agenda Background Side channel vulnerabilities on the Web Timing Side Channels Detection Attack Prevention Storage Side Channels Detection Attack Prevention Conclusion OWASP 29
  30. 30. Conclusion Side channel vulnerabilities pose a serious threat for Web applications with high security requirements Timing side channels may require substantial measurement and analysis effort Depending on timing difference Depending on network noise Hidden storage side channels can be found with around a dozen requests Independent of the size of secret-depended changes Independent of network noise OWASP 30
  31. 31. Conclusion Side channels can appear in various ways Detection is difficult Side channel attacks are passive Attacks are feasible for a skilled attacker Prevention strategies may have a negative impact on system performance Prevention is difficult OWASP 31
  32. 32. Call for participation! Academia Joint research Lots of promising topics for theses (Bachelor, Master, Diploma) Business, Organizations Applying our tools to real-world applications Get tomorrow’s security analysis now Get in touch! OWASP 32
  33. 33. Bibliography [1]: Michael Backes and Markus Dürmuth and Dominique Unruh, Compromising Reflections-or-How to Read LCD Monitors around the Corner, IEEE Symposium on Security and Privacy, pp. 158-169, IEEE Computer Society, 2008. [2]: D. X. Song, D. Wagner, and X. Tian, “Timing analysis of keystrokes and SSH timing attacks,” in USENIX Security Symposium, 2001. [3]: Shuo Chen and Rui Wang 0010 and XiaoFeng Wang and Kehuan Zhang, Side- Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow, IEEE Symposium on Security and Privacy, pp. 191-206, IEEE Computer Society, 2010. [4]: Andrew Bortz and Dan Boneh, Exposing private information by timing web applications, WWW, pp. 621-628, ACM, 2007 [5]: Felten and Schneider, Timing Attacks on Web Privacy, SIGSAC: 7th ACM Conference on Computer and Communications Security, ACM SIGSAC, 2000. [6]: http://en.wikipedia.org/wiki/Representational_systems_(NLP) [7]: Crosby and Riedi and Wallach, Opportunities and Limits of Remote Timing Attacks, ACM Trans. Inf. Syst. Secur, 12(3), 2009 OWASP 33
  34. 34. Thank you for your attention! Feedback, discussion? Contact: Sebastian Schinzel OWASP 34

Die sichere Entwicklung von Web-Anwendungen ist mittlerweile erschöpfend dokumentiert und es gibt eine Vielzahl von freien Entwicklungsbibliotheken für praktisch jede Sicherheitsfunktionalität. Daher gibt es für Entwickler keine plausiblen Ausreden mehr dafür, Web-Anwendungen mit kritischen Sicherheitsschwachstellen zu entwickeln. Sicherlich gibt es nach wie vor viel zu viele anfällige Web-Anwendungen. Eine zunehmende Zahl von Web-Anwendungen hält Sicherheitsprüfungen jedoch stand und sind somit nicht trivial kompromittierter. Sind die Daten hinter einer Web-Anwendung ohne die gängigen Web-Schwachstellen, z.B. aus der OWASP Top 10, aber wirklich absolut sicher? Hier kommen Seitenkanalanalysen ins Spiel, die bereits im Bereich der Kryptoanalyse gut erforscht sind. Dabei misst der Angreifer bestimmte Merkmale seines Ziels, die mit bloßem Auge nicht erkennbar sind. Merkmale können z.B. kleine Unterschiede in der Antwortszeit der Web-Anwendung sein, oder auch versteckte Änderungen im Inhalt der Antwort. Korreliert ein Merkmal mit den Daten im Backend, so kann der Angreifer anhand der Merkmale auf die Daten im Backend schließen. Diese Art der Angriffe im Web sind seit einigen Jahren wissenschaftlich dokumentiert, jedoch in der Entwicklergemeinde noch nahezu unbekannt.

Views

Total views

944

On Slideshare

0

From embeds

0

Number of embeds

5

Actions

Downloads

0

Shares

0

Comments

0

Likes

0

×