Timing Attack: From being a beginner to expired

EventIn-Person OnlyCommunity Sharing

Share Note Presentation

time

02:10 ~ 03:10

site

Workshop

Timing attack, as its name, is an attack based on time - though different execution times of the program under different inputs, attackers could take advantage and leak crucial information. In this workshop, we will start with an example through a timing attack on a string compare program and then discuss some attack techniques and scenarios, including attacks against bad cryptographic algorithm implementations and browsers. Finally, we will introduce commonly used mitigations against timing attacks and how they fail.

Note: This workshop is intended for someone unfamiliar with the timing attack.

Recommended Equipments
A laptop with Python 3 and any web browser.

Allen Chou

Allen Chou

Allen Chou is now a undergraduate with interests in web security and started to seek other field of research recently.

English interpretations will be provided for all sessions not presented in English.

Agenda Table

00:30

Attendant Registration Time

01:20

Welcome Speech & Event Introduce

02:10

R0
Insight and trend: Worldwide threat landscape from Microsoft Threat Intelligence Center
Mark Parsons | Justin Warner
50 min
KeynoteVirtualLive Q&AThreat IntelligenceCyberwar

03:00

Break

03:15

R0
Taming the Chaos of Supply Chain Security Risks with MITRE's System of Trust™
Robert A. Martin
50 min
KeynoteStreamingLive Q&ABlue TeamMITRE

04:05

Lunch

05:00

05:45

Break

06:00

06:45

Tea Time

07:00

07:25

08:10

Break

08:25

09:10

Closing

09:25