scispace - formally typeset
Search or ask a question
Topic

Timing attack

About: Timing attack is a research topic. Over the lifetime, 726 publications have been published within this topic receiving 25462 citations.


Papers
More filters
Proceedings ArticleDOI
12 Oct 2015
TL;DR: It is shown that modern browsers expose new side-channels that can be used to acquire accurate timing measurements, regardless of network conditions, and it is demonstrated that the nature of the attacks renders traditional defenses, i.e., those based on randomly delaying responses, moot.
Abstract: Web-based timing attacks have been known for over a decade, and it has been shown that, under optimal network conditions, an adversary can use such an attack to obtain information on the state of a user in a cross-origin website. In recent years, desktop computers have given way to laptops and mobile devices, which are mostly connected over a wireless or mobile network. These connections often do not meet the optimal conditions that are required to reliably perform cross-site timing attacks. In this paper, we show that modern browsers expose new side-channels that can be used to acquire accurate timing measurements, regardless of network conditions. Using several real-world examples, we introduce four novel web-based timing attacks against modern browsers and describe how an attacker can use them to obtain personal information based on a user's state on a cross-origin website. We evaluate our proposed attacks and demonstrate that they significantly outperform current attacks in terms of speed, reliability, and accuracy. Furthermore, we show that the nature of our attacks renders traditional defenses, i.e., those based on randomly delaying responses, moot and discuss possible server-side defense mechanisms.

86 citations

Book ChapterDOI
01 Jun 1986
TL;DR: A new attack on the RSA cryptosystem is presented, which is considerably more efficient than the best algorithms that are known for factoring the public modulus.
Abstract: A new attack on the RSA cryptosystem is presented. This attack assumes less than previous chosen ciphertext attacks, since the cryptanalyst has to obtain the plaintext versions of some carefully chosen ciphertexts only once, and can then proceed to decrypt further ciphertexts without further recourse to the authorized user's decrypting facility. This attack is considerably more efficient than the best algorithms that are known for factoring the public modulus. The same idea can also be used to develop an attack on the three-pass system of transmitting information using exponentiation in a finite field.

85 citations

Book ChapterDOI
13 Aug 2002
TL;DR: A DPA attack that uses byte-wise hypotheses on the remainder after the modular reduction with one of the primes, named MRED ("Modular Reduction on Equidistant Data"), which can protect the reduction modulo a secret prime against MRED.
Abstract: Published DPA attack scenarios against the RSA implementation exploit the possibility of predicting intermediate data during a straight-forward square-multiply exponentiation algorithm. An implementation of RSA using CRT (Chinese Remainder Theorem) prevents the pre-calculation of intermediate results during the exponentiation algorithm by an attacker. In this paper, we present a DPA attack that uses byte-wise hypotheses on the remainder after the modular reduction with one of the primes. Instead of using random input data this attack uses k series of input data with an equidistant step distance of 1, 256, (256)2,.., (256)k. The basic assumption of this DPA attack named MRED ("Modular Reduction on Equidistant Data") is that the distance of the input data equals the distance of the intermediate data after the modular reduction at least for a subgroup of single measurements. A function Fk that is composed of the k DPA results is used for the approximation of a multiple of the prime. Finally the gcd gives the prime. The number of DPA calculations increases linear to the number of bytes of the prime to be attacked. MRED is demonstrated using simulated measurement data. The practical efficiency is assessed. If the applicability of this attack is limited due to padding formats in RSA signature applications, the least significant bytes of the remainder after the modular reduction step can still be revealed. Multiplicative message blinding can protect the reduction modulo a secret prime against MRED.

84 citations

Book ChapterDOI
20 Aug 2013
TL;DR: This paper presents extremely fast algorithms for code-based public-key cryptography, including full protection against timing attacks, and achieves a reciprocal decryption throughput of just 60493 cycles on a single Ivy Bridge core.
Abstract: This paper presents extremely fast algorithms for code-based public-key cryptography, including full protection against timing attacks. For example, at a 2128 security level, this paper achieves a reciprocal decryption throughput of just 60493 cycles (plus cipher cost etc.) on a single Ivy Bridge core. These algorithms rely on an additive FFT for fast root computation, a transposed additive FFT for fast syndrome computation, and a sorting network to avoid cache-timing attacks.

82 citations

Book ChapterDOI
17 Oct 2008
TL;DR: A Timing Attack is presented which was executed successfully against a software implementation of the McEliece PKC, and the critical system components for key generation and decryption are inspected to identify channels enabling power and cache attacks.
Abstract: The McEliece public key cryptosystem (PKC) is regarded as secure in the presence of quantum computers because no efficient quantum algorithm is known for the underlying problems, which this cryptosystem is built upon. As we show in this paper, a straightforward implementation of this system may feature several side channels. Specifically, we present a Timing Attack which was executed successfully against a software implementation of the McEliece PKC. Furthermore, the critical system components for key generation and decryption are inspected to identify channels enabling power and cache attacks. Implementation aspects are proposed as countermeasures to face these attacks.

82 citations


Network Information
Related Topics (5)
Cryptography
37.3K papers, 854.5K citations
89% related
Public-key cryptography
27.2K papers, 547.7K citations
88% related
Encryption
98.3K papers, 1.4M citations
85% related
Authentication
74.7K papers, 867.1K citations
85% related
Key (cryptography)
60.1K papers, 659.3K citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202312
202221
202120
202030
201956
201849