
Timing attack

About: Timing attack is a research topic. Over the lifetime, 726 publications have been published within this topic receiving 25462 citations.


Papers
Proceedings Article
01 Jun 2015
TL;DR: In this paper, a massive-multi-sensor zero-configuration intrusion detection system is proposed for detecting timing attacks, which uses a huge number of sensors for attack detection.
Abstract: Timing attacks are a challenge for current intrusion detection solutions. Timing attacks are dangerous for web applications because they may leak information about side channel vulnerabilities. This paper presents a massive-multi-sensor zero-configuration Intrusion Detection System that is especially good at detecting timing attacks. Unlike current solutions, the proposed Intrusion Detection System uses a huge number of sensors for attack detection. These sensors include sensors automatically inserted into web applications or into the frameworks used to build web applications. With this approach the Intrusion Detection System is able to detect sophisticated attacks like timing attacks or other brute-force attacks with increased accuracy. The proposed massive-multi-sensor zero-configuration intrusion detection system does not need specific knowledge about the system to be protected, hence it offers zero-configuration capability.

2 citations

Journal ArticleDOI
TL;DR: In this paper, the applicability of Strong Stationary Times (SST) techniques in the area of cryptography is discussed and a new class of cryptographic algorithms (pseudo-random permutation generators) which do not run for a predefined number of steps is proposed.
Abstract: This paper presents the applicability of Strong Stationary Times (SST) techniques in the area of cryptography. The applicability is in three areas: (1) Propositions of a new class of cryptographic algorithms (pseudo-random permutation generators) which do not run for a predefined number of steps. Instead, these algorithms stop according to a stopping rule defined as an SST, for which one can obtain provable properties: a) results are perfect samples from the uniform distribution, b) immunity to timing attacks (no information about the resulting permutation leaks through the information about the number of steps the SST algorithm performed). (2) We show how one can leverage properties of SST-based algorithms to construct an implementation (of a symmetric encryption scheme) which is immune to timing attacks by reusing implementations which are not secure against timing attacks. In symmetric key cryptography researchers mainly focus on constant time (re)implementations. Our approach goes in a different direction and explores ideas of input masking. (3) Analysis of idealized (mathematical) models of existing cryptographic schemes, i.e., we improve a result by Mironov [21].

2 citations

Journal Article
TL;DR: This paper presents careful implementation techniques that allow for an implementation of BLISS with complete timing attack protection, achieving the same level of efficiency as the original unprotected code, without resorting to floating point arithmetic or platform-specific optimizations like AVX intrinsics.
Abstract: In this paper, we propose a constant-time implementation of the BLISS lattice-based signature scheme. BLISS is possibly the most efficient lattice-based signature scheme proposed so far, with a level of performance on par with widely used pre-quantum primitives like ECDSA. It is one of the few post-quantum signatures to have seen real-world deployment, as part of the strongSwan VPN software suite. The outstanding performance of the BLISS signature scheme stems in large part from its reliance on discrete Gaussian distributions, which allow for better parameters and security reductions. However, that advantage has also proved to be its Achilles' heel, as discrete Gaussians pose serious challenges in terms of secure implementations. Implementations of BLISS so far have included secret-dependent branches and memory accesses, both as part of the discrete Gaussian sampling and of the essential rejection sampling step in signature generation. These defects have led to multiple devastating timing attacks, and were a key reason why BLISS was not submitted to the NIST post-quantum standardization effort. In fact, almost all of the actual candidates chose to stay away from Gaussians despite their efficiency advantage, due to the serious concerns surrounding implementation security. Moreover, naive countermeasures will often not cut it: we show that a reasonable-looking countermeasure suggested in previous work to protect the BLISS rejection sampling can again be defeated using novel timing attacks, in which the timing information is fed to a phase retrieval machine learning algorithm in order to achieve a full key recovery. Fortunately, we also present careful implementation techniques that allow us to describe an implementation of BLISS with complete timing attack protection, achieving the same level of efficiency as the original unprotected code, without resorting to floating point arithmetic or platform-specific optimizations like AVX intrinsics. These techniques, including a new approach to the polynomial approximation of transcendental functions, can also be applied to the masking of the BLISS signature scheme, and will hopefully make more efficient and secure implementations of lattice-based cryptography possible going forward.

2 citations

Journal Article
TL;DR: Based on analyzing the relationship between the indexes of the array accesses during general crypto implementations and the plaintext/ciphertext with the key, a Cache timing based timing difference analysis side channel attack is proposed.
Abstract: By analyzing the relationship between the indexes of array accesses and Cache hits or misses, a weakly linear dependence between array indexes and their access time was found and verified with an array access experiment. Based on analyzing the relationship between the indexes of the array accesses during general crypto implementations and the plaintext/ciphertext with the key, a Cache timing based timing difference analysis side channel attack is proposed. The experiment shows that with 4×10^4 samples, the search space of the sub-key used in the last round of AES-128 can be reduced from 2^128 to 2^98.

2 citations

Proceedings ArticleDOI
19 Jul 2004
TL;DR: An immune method for three-prime RSA without checking procedure is proposed in this paper, which is more efficient than the previous methods.
Abstract: In this paper, we carry out a study of the Chinese remainder theorem based three-prime RSA cryptosystem. The hardware fault attack on the three-prime RSA cryptosystem is analyzed and it is proven that three-prime RSA is more difficult to break with the hardware fault attack than two-prime RSA. Then, Shamir's checking procedure is extended from two-prime to three-prime RSA to increase its immunity against such attacks. Finally, an immune method for three-prime RSA without a checking procedure is proposed in this paper, which is more efficient than the previous methods. It is expected that this proposed system will play an important role in future cryptography applications.

2 citations


Network Information

Related Topics (5)

Cryptography: 37.3K papers, 854.5K citations, 89% related
Public-key cryptography: 27.2K papers, 547.7K citations, 88% related
Encryption: 98.3K papers, 1.4M citations, 85% related
Authentication: 74.7K papers, 867.1K citations, 85% related
Key (cryptography): 60.1K papers, 659.3K citations, 83% related
Performance Metrics

No. of papers in the topic in previous years

Year   Papers
2023   12
2022   21
2021   20
2020   30
2019   56
2018   49