Fun with Timing Attacks: Exploiting Subtle Timing Differences to Crack Passwords
This article explains an attack technique known as a timing attack. By repeatedly calling a seemingly secure function, `checkSecret`, and precisely measuring how long each call takes, an attacker can infer the secret value. Even if `checkSecret` has no obvious vulnerabilities, its internal "early exit" on the first mismatching character makes partially matching guesses take longer, and that difference leaks information about the secret. The article details how to exploit this timing difference, combining Thompson Sampling with a trie data structure to guess passwords efficiently, and discusses how to cope with the noise that a network adds to the measurements. Ultimately, the article stresses the importance of never comparing sensitive data directly, recommending the use of hashes or other constant-time algorithms and the implementation of robust rate limiting.
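As an added illustration (not code from the article), the early-exit comparison the summary describes is shown beside a hardened version. Instead of wall-clock time, each function returns the number of comparison steps it performed, which makes the leak and its removal visible deterministically; the function names and the sample secret are constructed for this example.

```python
import hashlib

# Constructed sample secret for the demonstration (not a real credential).
SECRET = "hunter2"


def check_secret_early_exit(guess: str, secret: str = SECRET):
    """Naive comparison that returns on the first mismatch.

    Returns (matched, steps). `steps` counts loop iterations and stands in
    for execution time: it grows with the length of the matching prefix,
    which is exactly the signal a timing attacker measures.
    """
    steps = 0
    if len(guess) != len(secret):
        return False, steps
    for g, s in zip(guess, secret):
        steps += 1
        if g != s:
            return False, steps
    return True, steps


def constant_time_equal(a: bytes, b: bytes):
    """Compare two equal-length byte strings with no early exit.

    Every byte is XORed into an accumulator and the verdict is taken only
    after the loop, so `steps` is identical for every input. In production
    code use hmac.compare_digest, which implements the same idea in C.
    """
    assert len(a) == len(b)
    acc, steps = 0, 0
    for x, y in zip(a, b):
        acc |= x ^ y
        steps += 1
    return acc == 0, steps


def check_secret_constant_time(guess: str, secret: str = SECRET):
    """Hash both sides to a fixed length, then compare in constant time.

    Hashing removes the length leak (every SHA-256 digest is 32 bytes).
    Hashing alone is not enough: a naive compare of the digests would still
    leak the matching prefix of the digest, so the constant-time comparison
    is the part that actually closes the side channel.
    """
    g = hashlib.sha256(guess.encode()).digest()
    s = hashlib.sha256(secret.encode()).digest()
    return constant_time_equal(g, s)
```

Feeding guesses that share progressively longer prefixes with the secret to the first function shows the step count climbing, while the second function reports 32 steps for every guess.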