| In most secure communication standards today, additional latency is kept to a minimum to preserve the Quality-of-Service. As a result, it is possible to mount side-channel attacks using timing analysis. In this thesis we discuss the viability of these attacks, and demonstrate them by inferring Hidden Markov Models of protocols. These Hidden Markov Models can be used to both detect protocol use and infer information about protocol state. We create experiments that use Markov models to generate traffic and show that we can accurately reconstruct models under many circumstances. We analyze what occurs when timing delays have enough jitter that we can not accurately assign packets to bins. Finally, we show that we can accurately identify the language used for cryptographically protected interactive sessions -- Italian or English -- on-line with as few as 77 symbols. A maximum-likelihood estimator, the forward-backward procedure, and confidence interval analysis are compared. |
PDF Full Text Request