Remote Timing Attacks are Practical (2003) [71 citations — 3 self]

Download:
http://crypto.stanford.edu/~dabo/papers/ssl-timing
http://theory.stanford.edu/~dabo/papers/ssl-timing
DBLP
CACHED:

by David Brumley , Dan Boneh

In Proceedings of the 12th USENIX Security Symposium

Add To MetaCart

Popular Tags

No tags have been applied to this document.

BibTeX | Add To MetaCart

@INPROCEEDINGS{Brumley03remotetiming,
    author = {David Brumley and Dan Boneh},
    title = {Remote Timing Attacks are Practical},
    booktitle = {In Proceedings of the 12th USENIX Security Symposium},
    year = {2003},
    pages = {1--14}
}

Years of Citing Articles

Bookmarks

OpenURL

Abstract:

Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore all security systems should defend against them.

Citations

1640	Handbook of Applied Cryptography – Menezes, Oorschot, et al. - 1996
270	Modular multiplication without trial division – Montgomery - 1985
211	Timing attacks on implementations of Diffie-Hellman – Kocher
179	On the Importance of Checking Cryptographic Protocols for Faults – Boneh, DeMillo, et al. - 1997
104	solutions to polynomial equations, and low exponent RSA vulnerabilities – COPPERSMITH - 1997
37	A timing attack against RSA with the chinese remainder theorem – Schindler - 2000
34	A practical implementation of the timing attack – Dhem, Koeume, et al. - 1998
29	Differential Power Analysis: Leaking Secrets,”Advances in Cryptology– CRYPTO’99 – Kocher, Jaffee, et al. - 1999
8	Optimized timing attacks against public key cryptosystems – Schindler - 2002
7	Improving divide and conquer attacks against cryptosystems by better error detection /correction strategies – Schindler, Koeune, et al.
6	Empowering side-channel attacks – Rao, Rohatgi, et al. - 2001
6	Unleashing the full power of timing attack – Schindler, Koeune, et al. - 2001
5	A combined timing and power attack – Schindler
3	Quantize wrapper library. http://islab.oregonstate.edu/ documents/People/blaze – Blaze
3	Using the RDTSC instruction for performance monitoring – Intel - 1997
3	intel architecture optimization reference manual – Ia-32 - 2003
2	Vtune performance analyzer for linux v1.1.http://www.intel.com/software/ products/vtune – Intel

View or Download | Add to My Collection | Correct Errors