312-50V11 · Question #1014
An attacker decided to crack the passwords used by industrial control systems. In this process, he employed a loop strategy to recover these passwords. He used one character at a time to check whether
The correct answer is A. Side-channel attack. By measuring how long the authentication process takes per character attempt, the attacker deduces correct password characters one at a time using a timing side-channel attack.
Question
An attacker decided to crack the passwords used by industrial control systems. In this process, he employed a loop strategy to recover these passwords. He used one character at a time to check whether the first character entered is correct; if so, he continued the loop for consecutive characters. If not, he terminated the loop. Furthermore, the attacker checked how much time the device took to finish one complete password authentication process, through which he deduced how many characters entered are correct. What is the attack technique employed by the attacker to crack the passwords of the industrial control systems?
Options
- ASide-channel attack
- BDenial-of-service attack
- CHMI-based attack
- DBuffer overflow attack
How the community answered
(42 responses)- A43% (18)
- B10% (4)
- C17% (7)
- D31% (13)
Why each option
By measuring how long the authentication process takes per character attempt, the attacker deduces correct password characters one at a time using a timing side-channel attack.
A side-channel attack exploits indirect information leaked by a system's physical or temporal behavior rather than a weakness in the cryptographic algorithm itself. The attacker here uses a timing attack - a specific side-channel variant - correlating the ICS device's authentication duration with how many characters were matched before the loop terminated, allowing sequential password recovery without ever brute-forcing the full credential space.
A denial-of-service attack aims to make a system unavailable by exhausting its resources with excessive requests, and involves no timing analysis or character-level password reconstruction.
An HMI-based attack targets vulnerabilities in the Human-Machine Interface application layer of ICS environments, exploiting software flaws in the operator interface rather than measuring authentication response timing.
A buffer overflow attack corrupts adjacent memory by writing beyond an allocated buffer boundary to redirect execution flow, and is entirely unrelated to timing the authentication loop to infer correct password characters.
Concept tested: Timing side-channel attack on ICS password authentication
Source: https://csrc.nist.gov/glossary/term/side_channel_attack
Topics
Community Discussion
No community discussion yet for this question.