Empirical Analysis of Software Vulnerabilities Causing Timing Side Channels

by   M. Mehdi Kholoosi, et al.

Timing attacks are considered one of the most damaging side-channel attacks. These attacks exploit timing fluctuations caused by certain operations to disclose confidential information to an attacker. For instance, in asymmetric encryption, operations such as multiplication and division can cause time-varying execution times that can be ill-treated to obtain an encryption key. Whilst several efforts have been devoted to exploring the various aspects of timing attacks, particularly in cryptography, little attention has been paid to empirically studying the timing attack-related vulnerabilities in non-cryptographic software. By inspecting these software vulnerabilities, this study aims to gain an evidence-based understanding of weaknesses in non-cryptographic software that may help timing attacks succeed. We used qualitative and quantitative research approaches to systematically study the timing attack-related vulnerabilities reported in the National Vulnerability Database (NVD) from March 2003 to December 2022. Our analysis was focused on the modifications made to the code for patching the identified vulnerabilities. We found that a majority of the timing attack-related vulnerabilities were introduced due to not following known secure coding practices. The findings of this study are expected to help the software security community gain evidence-based information about the nature and causes of the vulnerabilities related to timing attacks.


page 1

page 7


Injecting Software Vulnerabilities with Voltage Glitching

We show how voltage glitching can cause timing violations in CMOS behavi...

Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code

Although cryptographic algorithms may be mathematically secure, it is of...

SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities

SPEculative Execution side Channel Hardware (SPEECH) Vulnerabilities hav...

Déjà Vu: Side-Channel Analysis of Mozilla's NSS

Recent work on Side Channel Analysis (SCA) targets old, well-known vulne...

TPM-FAIL: TPM meets Timing and Lattice Attacks

Trusted Platform Module (TPM) serves as a hardware-based root of trust t...

Determining the Optimal Frequencies for a Duplicated Randomized Clock SCA Countermeasure

Side-channel attacks pose significant challenges to the security of embe...

A Benchmark Suite for Evaluating Caches' Vulnerability to Timing Attacks

Timing-based side or covert channels in processor caches continue to pre...

Please sign up or login with your details

Forgot password? Click here to reset