Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESORICS
2011
Springer
2011
Springer
Remote Timing Attacks Are Still Practical
For over two decades, timing attacks have been an active area of research within applied cryptography. These attacks exploit cryptosystem or protocol implementations that do not run in constant time. When implementing an elliptic curve cryptosystem with a goal to provide side-channel resistance, the scalar multiplication routine is a critical component. In such instances, one attractive method often suggested in the literature is Montgomery’s ladder that performs a fixed sequence of curve and field operations. This paper describes a timing attack vulnerability in OpenSSL’s ladder implementation for curves over binary fields. We use this vulnerability to steal the private key of a TLS server where the server authenticates with ECDSA signatures. Using the timing of the exchanged messages, the messages themselves, and the signatures, we mount a lattice attack that recovers the private key. Finally, we describe and implement an effective countermeasure.
Real-time TrafficElliptic Curve Cryptosystem | ESORICS 2011 | Protocol Implementations | Scalar Multiplication | Security Privacy |
Related Content
| Added | 20 Dec 2011 |
| Updated | 20 Dec 2011 |
| Type | Journal |
| Year | 2011 |
| Where | ESORICS |
| Authors | Billy Bob Brumley, Nicola Tuveri |
Comments (0)
Researcher Info
|
