TY - GEN
T1 - Skiplist Timing Attack Vulnerability
AU - Nussbaum, Eyal
AU - Segal, Michael
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2019.
PY - 2019/1/1
Y1 - 2019/1/1
N2 - In this paper we address the structure and behavior of the probabilistic Skiplist data structure and present an exploit in the form of a timing attack on the structure. In this exploit, we show how to map the presumably hidden structure of a Skiplist by timing the return time of search queries. This data can then be used to perform operations on the Skiplist which will cause a degradation in its subsequent performance. In addition, we describe another exploitation of this data to use the Skiplist as a means of creating a hidden channel between two attackers. Finally, we propose a new variant of Skiplist we call a Splay Skiplist, which retains the $$O(\log n)$$ performance of Skiplist while defending against the stated exploit.
AB - In this paper we address the structure and behavior of the probabilistic Skiplist data structure and present an exploit in the form of a timing attack on the structure. In this exploit, we show how to map the presumably hidden structure of a Skiplist by timing the return time of search queries. This data can then be used to perform operations on the Skiplist which will cause a degradation in its subsequent performance. In addition, we describe another exploitation of this data to use the Skiplist as a means of creating a hidden channel between two attackers. Finally, we propose a new variant of Skiplist we call a Splay Skiplist, which retains the $$O(\log n)$$ performance of Skiplist while defending against the stated exploit.
KW - Complexity
KW - Data structures
KW - Security
KW - Skiplist
KW - Timing attacks
UR - http://www.scopus.com/inward/record.url?scp=85075614634&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-31500-9_4
DO - 10.1007/978-3-030-31500-9_4
M3 - Conference contribution
AN - SCOPUS:85075614634
SN - 9783030314996
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 49
EP - 58
BT - Data Privacy Management, Cryptocurrencies and Blockchain Technology - ESORICS 2019 International Workshops, DPM 2019 and CBT 2019, Proceedings
A2 - Pérez-Solà, Cristina
A2 - Navarro-Arribas, Guillermo
A2 - Biryukov, Alex
A2 - Garcia-Alfaro, Joaquin
PB - Springer
T2 - 14th International Workshop on Data Privacy Management, DPM 2019, and the 3rd International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2019, held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019
Y2 - 26 September 2019 through 27 September 2019
ER -