A Practical Implementation of the Timing Attack
When the running time of a cryptographic algorithm is non-constant, timing measurements can leak information about the secret key. This idea, first publicly introduced by Kocher [Koc96], is developed here to attack an earlier version of the CASCADE smart card [Cas]. We propose several improvements on Kocher's ideas, leading to a practical implementation that is able to break a 512-bit key in a few hours, provided that 300,000 timing measurements can be collected (128-bit keys can be recovered in a few seconds on a personal computer with fewer than 10,000 samples). We therefore show that the timing attack represents an important threat against cryptosystems, one that must be taken very seriously.
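The leak the abstract describes, as an added example that is not code from the paper or from the CASCADE project: a simulated RSA signer whose Montgomery multiplication takes longer whenever its final conditional subtraction runs, attacked with a Kocher-style statistical test that decides one key bit at a time from known messages and their measured signing times. The toy 50-bit key, the cost constants, the Gaussian noise, and the assumption that the attacker knows the key length are all mine; the 512-bit figures above come from the paper, not from this simulation.

```python
"""Simulated Kocher-style timing attack on a non-constant-time RSA signer.

Added example, not code from the paper.  Assumptions: a toy 50-bit key, a
Montgomery multiplier whose final conditional subtraction costs extra time,
a simple cost model with Gaussian noise, and an attacker who knows the key
length and can observe the messages being signed.
"""
import random
from statistics import mean

# Assumed cost model (arbitrary "cycle" units): every Montgomery product costs
# T_MUL, the data-dependent extra subtraction costs T_EXTRA more, plus noise.
T_MUL, T_EXTRA, SIGMA = 100.0, 5.0, 10.0


def make_rsa_key():
    """Toy RSA key from two well-known primes (assumption: ~50-bit modulus)."""
    p, q = 1000003, 1000000007
    n, e = p * q, 65537
    d = pow(e, -1, (p - 1) * (q - 1))        # modular inverse, Python 3.8+
    return n, e, d


class Montgomery:
    """Montgomery multiplication modulo odd n with R = 2^k, k = bitlen(n)."""

    def __init__(self, n):
        self.n, self.k = n, n.bit_length()
        self.R = 1 << self.k
        self.n_prime = (-pow(n, -1, self.R)) % self.R   # -n^-1 mod R

    def mul(self, a, b):
        """Return (a*b*R^-1 mod n, extra); `extra` is True when the final
        conditional subtraction ran, the step whose timing the attack uses."""
        t = a * b
        m = (t * self.n_prime) & (self.R - 1)
        u = (t + m * self.n) >> self.k          # u < 2n because n < R
        if u >= self.n:
            return u - self.n, True
        return u, False

    def to_mont(self, x):
        return (x * self.R) % self.n


def device_sign(mont, m, d, rng=None):
    """Victim: left-to-right square-and-multiply.  Returns (m^d mod n, time)."""
    if rng is None:
        rng = random.Random(0)
    x = mont.to_mont(m)
    acc, ops, extras = x, 0, 0
    for i in range(d.bit_length() - 2, -1, -1):     # MSB of d is 1: acc = x
        acc, ex = mont.mul(acc, acc); ops += 1; extras += ex
        if (d >> i) & 1:
            acc, ex = mont.mul(acc, x); ops += 1; extras += ex
    sig, ex = mont.mul(acc, 1); ops += 1; extras += ex   # leave Montgomery form
    return sig, ops * T_MUL + extras * T_EXTRA + rng.gauss(0.0, SIGMA)


def collect_samples(n, d, count, seed=1):
    """Attacker's measurements: (message, observed signing time) pairs built
    from constructed random messages."""
    rng, mont = random.Random(seed), Montgomery(n)
    out = []
    for _ in range(count):
        m = rng.randrange(2, n - 1)
        out.append((m, device_sign(mont, m, d, rng)[1]))
    return out


def mean_difference(times, flags):
    """Mean time of samples predicted to take the extra step minus the rest."""
    hit = [t for t, f in zip(times, flags) if f]
    miss = [t for t, f in zip(times, flags) if not f]
    return mean(hit) - mean(miss) if hit and miss else 0.0


def timing_attack(samples, n, e, key_bits):
    """Recover d bit by bit.  For each unknown bit both hypotheses are simulated
    on the known messages; the hypothesis whose predicted extra subtraction (in
    the device's next squaring) correlates with the measured times wins.  The
    last bit has no following squaring and is settled with the public key."""
    mont = Montgomery(n)
    xs = [mont.to_mont(m) for m, _ in samples]
    times = [t for _, t in samples]
    states, d = list(xs), 1                   # accumulator after the leading 1
    for _ in range(key_bits - 2):
        nxt, flags = {0: [], 1: []}, {0: [], 1: []}
        for acc, x in zip(states, xs):
            s0, _ = mont.mul(acc, acc)        # bit = 0: square only
            s1, _ = mont.mul(s0, x)           # bit = 1: square, then multiply
            for h, s in ((0, s0), (1, s1)):
                nxt[h].append(s)
                flags[h].append(mont.mul(s, s)[1])   # device's next squaring
        h = max((0, 1), key=lambda h: abs(mean_difference(times, flags[h])))
        states, d = nxt[h], (d << 1) | h
    for h in (0, 1):                          # last bit: check against (n, e)
        cand = (d << 1) | h
        if pow(pow(2, cand, n), e, n) == 2:
            return cand
    return None


if __name__ == "__main__":
    n, e, d = make_rsa_key()
    samples = collect_samples(n, d, 6000)
    print("recovered:", timing_attack(samples, n, e, d.bit_length()) == d)
```

Running the script recovers the whole private exponent from 6000 constructed samples; the per-bit decision is a difference of means between the two partitions, which is what makes the attack scale with the number of measurements rather than with key size. The defence the simulation points at is to remove the data-dependent branch (always perform the subtraction and select the result in constant time) and to blind the base or exponent so that the attacker can no longer simulate the intermediate values.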
Keywords: timing attack, cryptanalysis, RSA, smart card
- [Cas] CASCADE (Chip Architecture for Smart CArds and portable intelligent DEvices). Project funded by the European Community, see http://www.dice.ucl.ac.be/crypto/cascade
- [Dhe98] Dhem, J.F.: Design of an efficient public-key cryptographic library for RISC-based smart cards. PhD thesis, Université catholique de Louvain, UCL Crypto Group, Laboratoire de microélectronique (DICE) (May 1998)
- [Koc96] Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
- [Ler98] Leroux, P.-A.: Timing cryptanalysis: Breaking security protocols by measuring transaction times. Master's thesis, Université catholique de Louvain, UCL Crypto Group (June 1998)
- [RSA78] Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, vol. 21, pp. 120–126. ACM Press, New York (1978)
- [Wil98] Willems, J.-L.: Timing attack of secured devices (in French). Master's thesis, Université catholique de Louvain, UCL Crypto Group (June 1998)