
Timing attack

About: Timing attack is a research topic. Over the lifetime, 726 publications have been published within this topic receiving 25462 citations.


Papers
Patent
17 Aug 1998
TL;DR: In this paper, the authors proposed an iterative series of multiplications, where each step executes one or two first multiplications to produce a first result, and a trim-down reduction of the size of the first result by one or more second multiplications is performed to produce the second result.
Abstract: An encrypting exponentiation modulo M is effected by a modular multiplication X*YmodM, where M is a temporally steady but instance-wise non-uniform modulus. The method involves an iterative series of steps. Each step executes one or two first multiplications to produce a first result, and a trim-down reduction of the size of the first result by one or more second multiplications to produce a second result. The method furthermore takes a distinctive measure for keeping the final result of each step below a predetermined multiplicity of the modulus. In particular, the method postpones substantially any subtraction of the modulus as pertaining to the measure to a terminal phase of the modular exponentiation. This is possible through choosing in an appropriate manner one or more parameters figuring in the method. This further maintains overall temporal performance.

17 citations

Book Chapter (DOI)
08 Sep 2010
TL;DR: A mathematical model to evaluate the expected leakage in a cache as a function of the cache parameters and the victim application behavior is proposed and demonstrated to accurately estimate side channel leakage for AES and Blowfish encryption and decryption on a variety of cache configurations.
Abstract: A side channel is an information channel that unintentionally communicates information about a program as a side effect of the implementation. Recent studies have illustrated the use of shared caches as side channels to extract private keys from computationally secure cryptographic applications. The cache side channel is imperfect in the sense that the attacker's ability to detect cache leakage of critical data is limited by the timing issues. Moreover, some detected leakages are due to non-critical data. Thus, it is difficult to assess the degree of vulnerability given the imperfect nature of the side-channel. Similarly, when solutions that further degrade the quality of the channel, but do not necessarily close it completely, are employed, it is difficult to evaluate their effectiveness. To address this need, this paper proposes a mathematical model to evaluate the expected leakage in a cache as a function of the cache parameters and the victim application behavior. We use simulation to quantify these parameters for typical attack scenarios to validate the model. We demonstrate that the proposed model accurately estimates side channel leakage for AES and Blowfish encryption and decryption on a variety of cache configurations.

16 citations

Book Chapter (DOI)
05 Jul 2010
TL;DR: This paper provides the first side-channel analysis of the K2 stream cipher, a fast and secure stream cipher built upon the strengths of SNOW 2.0, and shows that naively implemented K2 is vulnerable to cache-timing attacks.
Abstract: In this paper we provide the first side-channel analysis of the K2 stream cipher. K2 is a fast and secure stream cipher built upon the strengths of SNOW 2.0. We apply timing attacks, power analysis, and differential fault analysis to K2. We show that naively implemented K2 is vulnerable to cache-timing attacks, and describe how to implement efficient countermeasures to protect K2 against side-channel attacks in hardware and software.

16 citations

Proceedings Article (DOI)
21 Oct 2020
TL;DR: In this paper, the authors show that the privacy guarantees of the Lightning network may be subverted by an on-path adversary conducting timing attacks on the Hashed Time-Locked Contracts (HTLC) state negotiation messages.
Abstract: The Lightning Network is a scaling solution for Bitcoin that promises to enable rapid and private payment processing. In Lightning, multi-hop payments are secured by utilizing Hashed Time-Locked Contracts (HTLCs) and encrypted on the network layer by an onion routing scheme to avoid information leakage to intermediate nodes. In this work, we however show that the privacy guarantees of the Lightning Network may be subverted by an on-path adversary conducting timing attacks on the HTLC state negotiation messages. To this end, we provide estimators that enable an adversary to reduce the anonymity set and infer the likeliest payment endpoints. We developed a proof-of-concept measurement node that shows the feasibility of attaining time differences and evaluate the adversarial success in model-based network simulations. We find that controlling a small number of malicious nodes is sufficient to observe a large share of all payments, emphasizing the relevance of the on-path adversary model. Moreover, we show that adversaries of different magnitudes could employ timing-based attacks to deanonymize payment endpoints with high precision and recall.

16 citations

Journal Article (DOI)
TL;DR: This study aims at profiling the feasibility to carry IPv6 spoofing attack on the 6LoWPAN network, and observes that attacker code can be accommodated in memory constrained devices, and uses less energy to perform the attack, which manifests its feasibility.

16 citations


Network Information

Related Topics (5)

Topic                    Papers   Citations   Relatedness
Cryptography             37.3K    854.5K      89% related
Public-key cryptography  27.2K    547.7K      88% related
Encryption               98.3K    1.4M        85% related
Authentication           74.7K    867.1K      85% related
Key (cryptography)       60.1K    659.3K      83% related
Performance Metrics

No. of papers in the topic in previous years

Year   Papers
2023   12
2022   21
2021   20
2020   30
2019   56
2018   49