Annual International Cryptology Conference

CRYPTO 1996: Advances in Cryptology — CRYPTO ’96 pp 104-113

Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

  • Paul C. Kocher
Conference paper

DOI: 10.1007/3-540-68697-5_9

Volume 1109 of the book series Lecture Notes in Computer Science (LNCS)


By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. Techniques for preventing the attack for RSA and Diffie-Hellman are presented. Some cryptosystems will need to be revised to protect against the attack, and new protocols and algorithms may need to incorporate measures to prevent timing attacks.


timing attackcryptanalysisRSADiffie-HellmanDSS
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Paul C. Kocher
    • 1
  1. 1.Cryptography ConsultantStanfordUSA