Timing attacks against user logon and network I/O
First Claim
1. A method for protecting against timing attacks a trusted path mechanism, comprising:
- modifying, by a computer system, a trusted path mechanism implementation to be a multithreaded process comprising a first thread to prevent any timing Trojan horses from running, the first thread running in a loop at a high priority relative to the timing Trojan horse;
wherein modifying the trusted oath mechanism implementation to be a multithreaded process comprises modifying a control thread, the control thread operable to provide a communication oath between an input device and an operating system, to include the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running;
receiving, by the control thread, a first input from the input device, the first input representing a first character of a keycode;
creating, by the control thread, the first thread in response to receiving the first input;
initiating, by the control thread, execution of the second thread to process the first input received from the input device;
detecting completion of processing of the first input from the input device by the second thread; and
in response to completion of the processing of the first input from the input device, discontinuing, by the control thread, execution of the second thread and initiating execution of the first thread in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running.
1 Assignment
0 Petitions
Accused Products
Abstract
In a first aspect of the invention, method for classifying characters within a character string entered via a keyboard device includes logging interrupts, checking a time between interrupts, checking an interrupt duration and classifying the characters within the character string based upon the time between interrupts and the interrupt duration. In a second aspect of the invention, a method for protecting against timing attacks against a trusted path mechanism includes employing a multithreaded process with a first thread to prevent any timing Trojan horses from running, running the first thread in a loop at a first priority and preventing unprivileged processes from obtaining a priority higher than the first priority.
49 Citations
18 Claims
-
1. A method for protecting against timing attacks a trusted path mechanism, comprising:
-
modifying, by a computer system, a trusted path mechanism implementation to be a multithreaded process comprising a first thread to prevent any timing Trojan horses from running, the first thread running in a loop at a high priority relative to the timing Trojan horse; wherein modifying the trusted oath mechanism implementation to be a multithreaded process comprises modifying a control thread, the control thread operable to provide a communication oath between an input device and an operating system, to include the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running; receiving, by the control thread, a first input from the input device, the first input representing a first character of a keycode; creating, by the control thread, the first thread in response to receiving the first input; initiating, by the control thread, execution of the second thread to process the first input received from the input device; detecting completion of processing of the first input from the input device by the second thread; and in response to completion of the processing of the first input from the input device, discontinuing, by the control thread, execution of the second thread and initiating execution of the first thread in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running. - View Dependent Claims (2, 11, 12, 13, 18)
-
-
3. A method for protecting against timing attacks a trusted path mechanism, comprising:
-
employing, by a computer system, a multithreaded process executing on a CPU of the computer system, the multithreaded process comprising a first thread to prevent any timing Trojan horses from running; running, by the computer system, the first thread in a loop at a first priority; and prohibiting, by the computer system, unprivileged processes from obtaining a priority higher than the first priority; wherein employing a multithreaded process executing on the CPU of the computer system comprises employing a control thread, the control thread operable to provide a communication path between an input device and an operating system, the control thread including the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running. - View Dependent Claims (4, 14, 15, 16, 17)
-
-
5. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to protect against timing attacks a trusted path mechanism, comprising:
-
a first module comprising code for causing a machine to modify a trusted path mechanism implementation to be a multithreaded process comprising a first thread to prevent any timing Trojan horses from running, the first thread running in a loop at a high priority relative to the timing Trojan horse; wherein when modifying the trusted path mechanism implementation to be a multithreaded process, the first module is configured to modify a control thread, the control thread operable to provide a communication path between an input device and an operating system, to include the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running; receiving, by the control thread, a first input from the input device, the first input representing a first character of a keycode; creating, by the control thread, the first thread in response to receiving the first input; initiating by the control thread, execution of the second thread to process the first input received from the input device; detecting completion of processing of the first input from the input device by the second thread; and in response to completion of the processing of the first input from the input device, discontinuing, by the control thread, execution of the second thread and initiating execution of the first thread in a loop at a high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running.
-
-
6. An apparatus for protecting against timing attacks a trusted path mechanism, comprising:
-
means for modifying a trusted path mechanism implementation to be a multithreaded process comprising a first thread to prevent any timing Trojan horses from running, the first thread running in a loop at a high priority relative to the timing Trojan horse; wherein means for modifying the trusted path mechanism implementation to be a multithreaded process comprises means for modifying a control thread, the control thread operable to provide a communication path between an input device and an operating system, to include the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running; means for receiving, by the control thread, a first input from the input device, the first input representing a first character of a keycode; means for creating, by the control thread, the first thread in response to receiving the first input; means for initiating, by the control thread, execution of the second thread to process the first input received from the input device; means for detecting completion of processing of the first input from the input device by the second thread; and in response to completion of the processing of the first input from the input device, means for discontinuing, by the control thread, execution of the second thread and initiating execution of the first thread in a loon at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running.
-
-
7. A computer system for protecting against timing attacks a trusted path mechanism, the computer system comprising:
-
a cache; and a CPU adapted to execute a trusted path multithreaded process comprising a first thread to prevent any timing Trojan horses from running, the first thread adapted to run in a loop at a high priority relative to the timing Trojan horse; the CPU further configured to modify the trusted oath multithreaded process comprises, when modifying, the CPU configured to modify a control thread, the control thread operable to provide a communication oath between an input device and an operating system, to include the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running; receiving, by the control thread, a first input from the input device, the first input representing a first character of a keycode; creating, by the control thread, the first thread in response to receiving the first input; initiating, by the control thread, execution of the second thread to process the first input received from the input device; detecting completion of processing of the first input from the input device by the second thread; and in response to completion of the processing of the first input from the input device, discontinuing, by the control thread, execution of the second thread and initiating execution of the first thread in a loon at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running. - View Dependent Claims (8)
-
-
9. A computer system for protecting against timing attacks a trusted path mechanism, the computer system comprising:
-
a cache; and a CPU for executing a multithreaded process comprising a first thread to prevent any timing Trojan horses from running, the CPU further adapted to run the first thread in a loop at a first priority, and prohibit unprivileged processes from obtaining a priority higher than the first priority; wherein, when executing a multithreaded process, the CPU is configured to employ a control thread, the control thread operable to provide a communication path between an input device and an operating system, the control thread including the first thread configured to execute the high priority relative to the timing Trojan horse in response to an absence of an input from the input device and a second thread configured to execute in response to receipt of an input from the input device, the first thread and the second thread being operable to run in a substantially consecutive manner, the first thread being operable to run in a loop at the high priority relative to the timing Trojan horse to prevent the timing Trojan horses from running. - View Dependent Claims (10)
-
Specification