I have a simple executable binary. It takes as input a user-supplied string and compares it with a private string using strcmp. How can I slow down the execution of this program such that I can launch a statistical timing attack on the string comparison? Currently the early-exit nature of strcmp is too slight to detect.
Assume I have local privileges, the binary is owned by another user, and the system is ulimit protected against fork bombs.
While I get that I could use the strings command or reverse engineering to get the private string, this is intended as a POC for the feasibility of timing attacks on compiled programs on modern systems.
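
The early-exit behaviour the question refers to, and the comparison that removes it, as an added example that is not part of the original post. It counts byte positions examined instead of measuring wall-clock time; the function names, `SECRET_LEN` and the sample secret `hunter2` are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SECRET_LEN 16 /* assumed fixed buffer size (not from the post) */

/* strcmp-style early exit. Returns the number of byte positions examined,
 * a deterministic stand-in for running time; *match receives the result. */
size_t leaky_compare(const char *secret, const char *guess, int *match)
{
    size_t i = 0;
    while (secret[i] == guess[i] && secret[i] != '\0')
        i++;
    *match = (secret[i] == guess[i]);
    return i + 1;
}

/* Hardened form: inputs go into zero-padded fixed-size buffers and every
 * byte is visited; differences are OR-ed together, so the loop does the
 * same work wherever the first mismatch falls. */
size_t ct_compare(const char *secret, const char *guess, int *match)
{
    unsigned char a[SECRET_LEN] = {0}, b[SECRET_LEN] = {0};
    volatile unsigned char diff = 0;
    size_t i, ls = strlen(secret), lg = strlen(guess);

    /* Over-long input is rejected up front rather than truncated. */
    if (ls >= SECRET_LEN || lg >= SECRET_LEN) { *match = 0; return 0; }
    memcpy(a, secret, ls);
    memcpy(b, guess, lg);
    for (i = 0; i < SECRET_LEN; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    *match = (diff == 0);
    return i;
}
int ct_match(const char *s, const char *g) { int m; ct_compare(s, g, &m); return m; }

int main(void)
{
    const char *secret = "hunter2"; /* constructed sample secret */
    const char *guesses[] = { "aaaaaaa", "hunaaaa", "hunter2" };
    int m;
    for (size_t k = 0; k < 3; k++) {
        size_t l = leaky_compare(secret, guesses[k], &m);
        size_t c = ct_compare(secret, guesses[k], &m);
        printf("%-8s leaky=%zu constant=%zu match=%d\n", guesses[k], l, c, m);
    }
    return 0;
}
```

The leaky count grows with the length of the correct prefix, while the hardened count stays at `SECRET_LEN` for every guess. In production code, a vetted primitive such as OpenSSL's `CRYPTO_memcmp` or OpenBSD's `timingsafe_bcmp` is preferable to a hand-written loop.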