scispace - formally typeset
Topic

Timing attack

About: Timing attack is a research topic. Over the lifetime, 726 publications have been published within this topic receiving 25462 citations.


Papers
Journal ArticleDOI
TL;DR: The algorithm proposed in this study adds an error-detection mechanism and a correction strategy that can detect and correct wrong decisions when guessing q_k (a bit of the secret RSA factor q), giving an improved timing attack on the RSA implementation in OpenSSL.

30 citations

Journal ArticleDOI
04 Nov 2015
TL;DR: This work shows that Curve25519 is likewise competitive on FPGAs even when countermeasures to thwart side-channel power analysis are included, and achieves a maximal performance of more than 32,000 point multiplications per second on a Xilinx Zynq 7020 FPGA.
Abstract: For security-critical embedded applications Elliptic Curve Cryptography (ECC) has become the predominant cryptographic system for efficient key agreement and digital signatures. However, ECC still involves complex modular arithmetic that is a particular burden for small processors. In this context, Bernstein proposed the highly efficient ECC instance Curve25519 that particularly enables efficient software implementations at a security level comparable to AES-128 with inherent resistance to simple power analysis (SPA) and timing attacks. In this work, we show that Curve25519 is likewise competitive on FPGAs even when countermeasures to thwart side-channel power analysis are included. Our basic multicore DSP-based architecture achieves a maximal performance of more than 32,000 point multiplications per second on a Xilinx Zynq 7020 FPGA. Including a mix of side-channel countermeasures to impede simple and differential power analysis, we still achieve more than 27,500 point multiplications per second with a moderate increase in logic resources.

30 citations

Proceedings ArticleDOI
03 May 1998
TL;DR: New timing attacks against a user workstation's trusted path mechanism are presented; they can cause a user's password to leak bits, and they can be combined with brute-force attacks on the network authentication protocol against the remainder of the key space. A workstation property called Trojan horse non-persistence is defined, and workstations lacking it are shown to be more vulnerable.
Abstract: Presents new attacks against a user workstation's trusted path mechanism. These timing attacks can cause a user's password to leak bits. The timing attacks can then be combined with network authentication protocol brute-force attacks against the remainder of the key space to obtain the user's password. We present several countermeasures against this attack. We also define a property of user systems (workstations) called Trojan horse non-persistence. Workstations that fail to have this property are more vulnerable to the timing attack and other Trojan horse attacks.

30 citations

01 Jan 2000
TL;DR: The paper first presents the basic principle of the timing attack, then briefly discusses several error-correction policies and describes the results the authors obtain implementing them on a parallel architecture of 4 PA8000 processors @ 180 MHz with 4 Gbytes RAM.
Abstract: Implementations of cryptographic algorithms often perform computations in non-constant time, due to performance optimizations. If such operations involve secret parameters, these timing variations can leak some information and, provided enough knowledge of the implementation is at hand, a careful statistical analysis could even lead to the total recovery of these secret parameters. This idea, due to Kocher [Koc96], was developed in [DKL98], where a timing attack against an actual smart card implementation of RSA was conducted. The paper's conclusion was that, however impressive, the obtained results could be improved even further in several aspects, especially regarding the error-correction policy. The paper first presents the basic principle of the timing attack, then briefly discusses several error-correction policies and describes the results we obtain implementing them on a parallel architecture of 4 PA8000 processors @ 180 MHz with 4 Gbytes RAM.

29 citations

Posted Content
TL;DR: This paper revisits the Ring-LWE key-exchange instantiation of Bos, Costello, Naehrig, and Stebila (IEEE S&P 2015), which builds on Peikert's protocol (PQCrypto 2014) and was integrated into OpenSSL to provide post-quantum security for TLS: it proposes new parameters, a better suited error distribution, a more efficient error-reconciliation mechanism, and a defense against backdoors and all-for-the-price-of-one attacks, with comprehensive protection against timing attacks.
Abstract: At IEEE Security & Privacy 2015, Bos, Costello, Naehrig, and Stebila proposed an instantiation of Peikert’s ring-learning-with-errors–based (Ring-LWE) key-exchange protocol (PQCrypto 2014), together with an implementation integrated into OpenSSL, with the affirmed goal of providing post-quantum security for TLS. In this work we revisit their instantiation and stand-alone implementation. Specifically, we propose new parameters and a better suited error distribution, analyze the scheme’s hardness against attacks by quantum computers in a conservative way, introduce a new and more efficient error-reconciliation mechanism, and propose a defense against backdoors and all-for-the-price-of-one attacks. By these measures and for the same lattice dimension, we more than double the security parameter, halve the communication overhead, and speed up computation by more than a factor of 9 in a portable C implementation and by more than a factor of 24 in an optimized implementation targeting current Intel CPUs. These speedups are achieved with comprehensive protection against timing attacks.

29 citations


Network Information
Related Topics (5)
Cryptography
37.3K papers, 854.5K citations
89% related
Public-key cryptography
27.2K papers, 547.7K citations
88% related
Encryption
98.3K papers, 1.4M citations
85% related
Authentication
74.7K papers, 867.1K citations
85% related
Key (cryptography)
60.1K papers, 659.3K citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
Year   Papers
2023   12
2022   21
2021   20
2020   30
2019   56
2018   49