The ND2DB attack: Database content extraction using timing attacks on the indexing algorithms
Ariel Futoransky, Damián Saura and Ariel Waissbein
First Workshop on Offensive Technologies (WOOT '07), co-located with the 16th USENIX Security Symposium (USENIX Security '07), August 6–10, 2007.
database management systems, timing attacks


In this paper we present a new attack technique that allows extraction of selected database content, relying merely on the attacker’s ability to perform database transactions (INSERTs or UPDATEs) that are usually available to any anonymous database user. Our attack technique uses a side-channel timing attack in the realm of database indexing algorithms and data structures. We prove that, by exploiting the inherent characteristics of the most commonly used indexing data structures and algorithms in today’s commercial database management systems, it is possible to extract privacy-sensitive data from a database. In particular, we prove, both in theory and in practice, that it is feasible to do so if the B-tree data structure is used and the attacker is able to insert records with chosen data that is used as the search key of one of the table’s indexes. We present experimental results of a successful attack implementation against MySQL and provide conclusions and ideas for further research.