
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNCS,volume 1109)

Abstract

By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. Techniques for preventing the attack for RSA and Diffie-Hellman are presented. Some cryptosystems will need to be revised to protect against the attack, and new protocols and algorithms may need to incorporate measures to prevent timing attacks.
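The attack the abstract describes, in simulated form, as an added example that is not code from the paper: a square-and-multiply RSA private-key operation whose per-multiplication cost depends on operand data, Kocher's bit-by-bit recovery of the exponent by comparing residual variances for the two guesses of each bit, and the blinding countermeasure the paper proposes (exponentiate y·r^e for a fresh random r, then strip r from the result). The cost formula in step_time(), the toy key n = 3233, e = 17, d = 2753, the noise level and the sample count are all constructed assumptions for illustration, not measurements of any real device.

```python
"""Simulated timing attack on square-and-multiply RSA, plus blinding as the
countermeasure. Constructed throughout: the cost model in step_time() is
invented, the key is a textbook toy key, and no real device is measured."""
import math
import random
import statistics

# Toy RSA key (constructed): n = 61 * 53, e = 17, d = 2753 (a 12-bit secret).
N_MOD, E_PUB, D_PRIV = 3233, 17, 2753
EXP_BITS = 12  # the attacker is assumed to know the exponent length

def step_time(a, b, n):
    """Constructed cost of one modular multiplication: a fixed part plus an
    operand-dependent part (here the low four bits of the result). Real code
    leaks through data-dependent reductions, with the same effect."""
    return 8 + (((a * b) % n) & 0xF)

def modexp_timed(y, x, n, bits):
    """Left-to-right square-and-multiply; returns (y^x mod n, total cost).
    The multiply runs only for 1 bits of x, which is what the attack uses."""
    s, t = 1, 0
    for i in range(bits - 1, -1, -1):
        t += step_time(s, s, n)
        s = (s * s) % n
        if (x >> i) & 1:
            t += step_time(s, y, n)
            s = (s * y) % n
    return s, t

class LeakyRSA:
    """Private-key operation returning (result, noisy measured time)."""
    def __init__(self, n, d, bits, rng, noise_sd=5.0):
        self.n, self.d, self.bits, self.rng, self.noise_sd = n, d, bits, rng, noise_sd

    def decrypt(self, y):
        s, t = modexp_timed(y, self.d, self.n, self.bits)
        return s, t + self.rng.gauss(0, self.noise_sd)

class BlindedRSA(LeakyRSA):
    """Blinding: exponentiate y * r^e for a fresh random r, then multiply by
    r^-1. The per-step costs now depend on r, which the attacker never sees."""
    def __init__(self, n, e, d, bits, rng, noise_sd=5.0):
        super().__init__(n, d, bits, rng, noise_sd)
        self.e = e

    def decrypt(self, y):
        r = self.rng.randrange(1, self.n)
        while math.gcd(r, self.n) != 1:
            r = self.rng.randrange(1, self.n)
        v_f = pow(r, self.e, self.n)  # blinding factor, needs only the public key
        v_i = pow(r, -1, self.n)      # unblinding factor
        s, t = modexp_timed((y * v_f) % self.n, self.d, self.n, self.bits)
        return (s * v_i) % self.n, t + self.rng.gauss(0, self.noise_sd)

def predicted_time(y, prefix, bits, n):
    """Attacker's replay of the cost of the guessed leading bits, plus the
    squaring that opens the next iteration (also fixed by the prefix)."""
    s, t = 1, 0
    for bit in prefix:
        t += step_time(s, s, n)
        s = (s * s) % n
        if bit:
            t += step_time(s, y, n)
            s = (s * y) % n
    if len(prefix) < bits:
        t += step_time(s, s, n)
    return t

def recover_exponent(samples, n, bits):
    """Kocher's procedure: extend the known prefix with 0 and with 1, subtract
    the predicted partial time from every measurement, keep the guess whose
    residuals have the smaller variance. A correct guess removes a real
    source of variation; a wrong guess adds an unrelated one."""
    prefix = []
    for _ in range(bits):
        var = []
        for guess in (0, 1):
            cand = prefix + [guess]
            var.append(statistics.pvariance(
                [t - predicted_time(y, cand, bits, n) for y, t in samples]))
        prefix.append(0 if var[0] < var[1] else 1)
    return int("".join(map(str, prefix)), 2)

def make_device(blinded, rng):
    if blinded:
        return BlindedRSA(N_MOD, E_PUB, D_PRIV, EXP_BITS, rng)
    return LeakyRSA(N_MOD, D_PRIV, EXP_BITS, rng)

def run_attack(blinded=False, count=5000, seed=1):
    """Take `count` known-ciphertext timings from the device, recover d."""
    rng = random.Random(seed)
    dev = make_device(blinded, rng)
    samples = []
    for _ in range(count):
        y = rng.randrange(2, N_MOD - 1)
        samples.append((y, dev.decrypt(y)[1]))
    return recover_exponent(samples, N_MOD, EXP_BITS)

def roundtrip(m, blinded=False, seed=0):
    """Encrypt m with the public key and decrypt it on the chosen device."""
    return make_device(blinded, random.Random(seed)).decrypt(pow(m, E_PUB, N_MOD))[0]

if __name__ == "__main__":
    print("true d            :", D_PRIV)
    print("recovered, leaky  :", run_attack())
    print("recovered, blinded:", run_attack(blinded=True))
```

Running the file prints the true d, the exponent recovered from the unblinded device (2753 under this model) and the value recovered against the blinded device. Against the blinded device the attacker's predicted partial times are computed from the known ciphertext y, while the device actually exponentiated y·r^e, so the residual variances for the two guesses differ only by noise and the recovered bits are no better than coin flips. The attacker needs nothing beyond what the abstract states: known ciphertexts, timing measurements, and knowledge of the implementation's cost behaviour; the variance test also degrades gracefully, becoming sharper as more leading bits are fixed.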

Keywords

  • timing attack
  • cryptanalysis
  • RSA
  • Diffie-Hellman
  • DSS


Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kocher, P.C. (1996). Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (eds) Advances in Cryptology — CRYPTO ’96. CRYPTO 1996. Lecture Notes in Computer Science, vol 1109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-68697-5_9

  • DOI: https://doi.org/10.1007/3-540-68697-5_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61512-5

  • Online ISBN: 978-3-540-68697-2
