Timing attack

About: Timing attack is a research topic. Over the lifetime, 726 publications have been published within this topic receiving 25462 citations.

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Abstract: Hybrid AC/HVDC (AC-HVDC) grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

Boosting Profiled Cache Timing Attacks With A Priori Analysis

Abstract: The vulnerability of cryptographic devices to side-channel attacks is of interest in the domain of information security. The success of a side-channel attack depends on the crypto-algorithm implementation, the platform being attacked, and the attack strategy. While the former two parameters are generally beyond the adversary's control, the choice of the attack strategy is solely with the adversary. However, there is no unique “best attack strategy.” The attack strategy that works best for one platform may not be the best for another. Further there is no systematic way to choose the best attack strategy from the available pool. In this paper, we analyze a category of side-channel attacks known as profiled cache-timing attacks and develop a methodology by which an adversary capable of limited number of side-channel measurements can choose the best strategy prior to the actual attack. The methodology is tested on several platforms and cipher implementations and shows that the best attacking strategy can be estimated closely, without the requirement of an exhaustive search.

Rational Protection against Timing Attacks

Abstract: Timing attacks can effectively recover keys from cryptosystems. While they can be defeated using constant-time implementations, this defensive approach comes at the price of a performance penalty. One is hence faced with the problem of striking a balance between performance and security against timing attacks. In this paper, we propose a systematic approach for determining the optimal protection against timing attacks, on the example of cryptosystems based on discrete logarithms. Our model includes a resource-bounded timing adversary who strives to maximize the probability of key recovery, and a defender who strives to reduce the cost while maintaining a certain degree of security. We obtain the optimal protection as an equilibrium in a game between the defender and the adversary. At the heart of the equilibrium computation are novel bounds for the probability of key recovery, which are expressed as a function of the applied protection and the attack strategy of a timing adversary. We put our techniques to work in a case study in which we identify optimal protections for libgcrypt's ElGamal implementation. We determine situations in which the optimal choice is to use a defensive, constant-time implementation and a small key, and situations in which the optimal choice is a more aggressively tuned (but leaky) implementation with a longer key.

A Design for Modular Exponentiation Coprocessor in Mobile Telecommunication Terminals

Abstract: Following requirements are necessary when implementing public key cryptography in a mobile telecommunication terminal. (1) simultaneous highspeed double modular exponentiation calculation, (2) small size and low power consumption, (3) resistance to side channel attacks. We have developed a coprocessor that provides these requirements. In this coprocessor, right-to-left binary exponentiation algorithm was extended for double modular exponentiations by designing new circuit configuration and new schedule control methods. We specified the desired power consumption of the circuit at the initial design stage. Our proposed method resists side channel attacks that extract secret exponent by analyzing the target's power consumption and calculation time.