Vulnerability Development mailing list archives

Re: Is there a hidden channel in X authentication?


From: Matt Conover <shok () camel ethereal net>
Date: Thu, 17 May 2001 15:08:02 -0700 (PDT)

However, at least one X server uses the memcmp() library function to
compare the stored cookie with the cookie sent by the client. This
function is optimized for speed. In particular, the execution time of
memcmp() is proportional to the position of the first non-matching byte
in the two cookies.

Well, to a degree it does.  Obviously it affects all sequential byte
comparisons.  However, whether you can accurately detect it or not depends
on a lot of things.  If you were trying to run this against a computer on
another network, the network congestion could easily mislead you, given
that the difference in comparing a key with 13 of the 16 bytes accurate
vs. 1 of 16 bytes accurate only differs by a few microseconds.  If there
are a few microseconds of inconsistency with network congestion, your
results will be misleading.

With that said, if you were on a reliable LAN and the target computer
wasn't running other processes that could steal CPU time between system
calls and give misleading results, there are a few microseconds of
difference, as the following code shows:

#include <stdio.h>
#include <string.h>
#include <sys/time.h>

/* the "stored cookie" */
unsigned char buf[16] =
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f";

/* buf1 agrees with buf on its first 12 bytes, buf2 on only the first byte */
unsigned char buf1[16] =
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x01\x01\x01";

unsigned char buf2[16] =
"\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01";

int main(void)
{
  struct timeval start_time, end_time;
  volatile int r;   /* keeps the compiler from dropping the unused compare */

  /* first mismatch at byte 12: memcmp() walks most of the buffer */
  gettimeofday(&start_time, NULL);
  r = memcmp(buf, buf1, 16);
  gettimeofday(&end_time, NULL);

  printf("%ld seconds and %ld microseconds\n",
         end_time.tv_sec - start_time.tv_sec,
         end_time.tv_usec - start_time.tv_usec);

  /* first mismatch at byte 1: memcmp() returns almost immediately */
  gettimeofday(&start_time, NULL);
  r = memcmp(buf, buf2, 16);
  gettimeofday(&end_time, NULL);

  printf("%ld seconds and %ld microseconds\n",
         end_time.tv_sec - start_time.tv_sec,
         end_time.tv_usec - start_time.tv_usec);

  (void)r;
  return 0;
}


The difference on a 600 MHz processor is 6-7 microseconds:
0 seconds and 8 microseconds
0 seconds and 1 microseconds

Matthew Conover 
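
The two problems the reply raises, noise swamping a single gettimeofday()
measurement and the per-byte early exit itself, are easier to see side by
side. The following is an added example and not part of Matt's post or of
any X server: it times memcmp() against a constant-time comparison for
guesses that share a growing prefix with the secret, batching many calls
per sample and taking the median so scheduling noise drops out. The
16-byte SAMPLE_COOKIE is constructed for the example, and the helper names
(ct_compare, make_guess, median_time_ns, selftest) are mine, not an
existing API.

```c
#define _POSIX_C_SOURCE 199309L
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define COOKIE_LEN 16
#define MAX_TRIALS 1001

typedef int (*cmp_fn)(const void *, const void *, size_t);

/* Constructed stand-in for a stored 16-byte cookie (not a real one). */
const unsigned char SAMPLE_COOKIE[COOKIE_LEN] = {
    0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04,
    0x10, 0x20, 0x30, 0x40, 0xaa, 0xbb, 0xcc, 0xdd };

/* Constant-time equality: OR every byte difference together and decide
   only at the end, so the loop always runs n iterations regardless of
   where the first mismatch is. Returns 0 when equal, non-zero otherwise
   (no ordering information, unlike memcmp). */
int ct_compare(const void *a, const void *b, size_t n)
{
    const unsigned char *pa = a, *pb = b;
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= pa[i] ^ pb[i];
    return diff != 0;
}

/* Attacker's guess: agrees with secret on the first `prefix` bytes and
   differs on every byte after that. */
void make_guess(const unsigned char *secret, unsigned char *guess,
                size_t prefix, size_t n)
{
    for (size_t i = 0; i < n; i++)
        guess[i] = (i < prefix) ? secret[i] : (unsigned char)(secret[i] ^ 0xff);
}

static uint64_t now_ns(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (uint64_t)ts.tv_sec * 1000000000ULL + (uint64_t)ts.tv_nsec;
}

/* Time `reps` back-to-back calls of cmp(secret, guess, n), repeat that
   `trials` times and return the median sample. Batching amplifies a
   per-call difference of a few cycles; the median discards the outliers
   (interrupts, other processes) that spoil a single gettimeofday() pair. */
uint64_t median_time_ns(cmp_fn cmp, const void *secret, const void *guess,
                        size_t n, int reps, int trials)
{
    static uint64_t samples[MAX_TRIALS];
    volatile int sink = 0;  /* prevents the compare from being optimized out */

    if (trials > MAX_TRIALS) trials = MAX_TRIALS;
    if (trials < 1) trials = 1;
    for (int t = 0; t < trials; t++) {
        uint64_t start = now_ns();
        for (int r = 0; r < reps; r++)
            sink += cmp(secret, guess, n);
        samples[t] = now_ns() - start;
    }
    for (int i = 1; i < trials; i++) {          /* insertion sort, then middle */
        uint64_t v = samples[i];
        int j = i - 1;
        while (j >= 0 && samples[j] > v) { samples[j + 1] = samples[j]; j--; }
        samples[j + 1] = v;
    }
    (void)sink;
    return samples[trials / 2];
}

/* Both comparisons must agree on equality for every prefix; returns 1 if so. */
int selftest(void)
{
    unsigned char guess[COOKIE_LEN];
    for (size_t p = 0; p <= COOKIE_LEN; p++) {
        make_guess(SAMPLE_COOKIE, guess, p, COOKIE_LEN);
        int equal = (p == COOKIE_LEN);
        if ((memcmp(SAMPLE_COOKIE, guess, COOKIE_LEN) == 0) != equal) return 0;
        if ((ct_compare(SAMPLE_COOKIE, guess, COOKIE_LEN) == 0) != equal) return 0;
    }
    return 1;
}

int main(void)
{
    unsigned char guess[COOKIE_LEN];
    const size_t prefixes[] = {0, 4, 8, 12, 15, 16};

    printf("%-7s %14s %14s\n", "prefix", "memcmp ns", "ct_compare ns");
    for (size_t i = 0; i < sizeof prefixes / sizeof prefixes[0]; i++) {
        make_guess(SAMPLE_COOKIE, guess, prefixes[i], COOKIE_LEN);
        uint64_t t_mem = median_time_ns(memcmp, SAMPLE_COOKIE, guess, COOKIE_LEN, 10000, 201);
        uint64_t t_ct  = median_time_ns(ct_compare, SAMPLE_COOKIE, guess, COOKIE_LEN, 10000, 201);
        printf("%-7zu %14llu %14llu\n", prefixes[i],
               (unsigned long long)t_mem, (unsigned long long)t_ct);
    }
    return 0;
}
```

Run it a few times and watch the memcmp column: a plain byte-at-a-time
memcmp() of the kind the reply measured grows with the prefix length,
while the ct_compare column stays flat. A caveat for anyone reproducing
the numbers today: current libc memcmp() implementations compare a word or
a SIMD vector at a time, so the gradient may appear only in steps of 8 or
16 bytes or not at all for a 16-byte cookie, which is exactly why the
remote-measurement arithmetic in the reply depends so much on the target.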

