Abstract
By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. Techniques for preventing the attack for RSA and Diffie-Hellman are presented. Some cryptosystems will need to be revised to protect against the attack, and new protocols and algorithms may need to incorporate measures to prevent timing attacks.
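The attack the abstract summarises works bit by bit: the attacker, who knows the implementation, simulates the time the private-key operation would take for the key bits guessed so far and subtracts that from the measured time; the correct guess removes a real part of the measurement, so the residuals have smaller variance than for the wrong guess. The simulation below is an added example, not code from the paper or from any real library: the timing model (a fixed cost per modular multiplication plus an operand-dependent extra step, standing in for the conditional reduction in Montgomery-style arithmetic), the toy RSA parameters, the sample counts and the noise level are all constructed, and the attacker is assumed to be able to run the same cost model on a guessed key, which is the attack model the paper uses. It recovers the private exponent from known plaintexts and timings of a square-and-multiply loop, then shows that the input-blinding countermeasure Kocher proposes for RSA defeats the same attack.

```python
import math
import random
import statistics

BASE_COST = 1.0    # constructed: time of one modular multiplication
EXTRA_COST = 1.0   # constructed: extra time when the data-dependent step fires


def modmul(a, b, n):
    """Modular multiply returning (a*b mod n, simulated time).

    Constructed leak: the parity of the quotient decides whether an extra step
    runs, standing in for the operand-dependent final subtraction that a
    Montgomery-style reduction may or may not perform."""
    prod = a * b
    extra = EXTRA_COST if (prod // n) & 1 else 0.0
    return prod % n, BASE_COST + extra


def leaky_modexp(m, d, n, rng, noise=0.5):
    """Left-to-right square-and-multiply; returns (m**d mod n, noisy total time)."""
    x, t = m, 0.0
    for bit in bin(d)[3:]:              # skip '0b' and the leading 1 bit
        x, c = modmul(x, x, n)
        t += c
        if bit == "1":                  # the multiply only runs for 1 bits
            x, c = modmul(x, m, n)
            t += c
    return x, t + rng.gauss(0.0, noise)


def blinded_modexp(m, d, e, n, rng):
    """RSA input blinding: exponentiate m * r^e, then multiply by r^-1.

    The leaky loop now processes a value the attacker cannot predict, so the
    per-iteration costs cannot be simulated.  The blinding and unblinding
    steps are treated as constant time and are not included in the model."""
    while True:
        r = rng.randrange(2, n)
        if math.gcd(r, n) == 1:
            break
    blinded = (m * pow(r, e, n)) % n
    y, t = leaky_modexp(blinded, d, n, rng)
    return (y * pow(r, -1, n)) % n, t


def recover_exponent(samples, nbits, n):
    """Kocher-style attack: recover d bit by bit from (message, time) pairs.

    The attacker replays the implementation for the bits known so far, then
    for each candidate next bit subtracts the simulated cost from the measured
    time.  The correct candidate removes a real component of the time, so its
    residuals have the smaller variance; the wrong one adds an unrelated term."""
    bits = "1"                                    # top bit of d is known to be 1
    state = [(m, 0.0) for m, _ in samples]        # (intermediate value, cost so far)
    for _ in range(nbits - 1):
        best = None
        for guess in "01":
            new_state, residuals = [], []
            for (m, t), (x, cost) in zip(samples, state):
                x, c = modmul(x, x, n)
                cost += c
                if guess == "1":
                    x, c = modmul(x, m, n)
                    cost += c
                new_state.append((x, cost))
                residuals.append(t - cost)
            var = statistics.pvariance(residuals)
            if best is None or var < best[0]:
                best = (var, guess, new_state)
        bits += best[1]
        state = best[2]
    return int(bits, 2)


def demo(seed=1, samples=4000):
    """Run the attack against the leaky and the blinded implementation.

    Returns (true d, d recovered from leaky timings, d recovered from blinded
    timings, whether both implementations computed m**d mod n correctly)."""
    rng = random.Random(seed)
    p, q, e = 1009, 1013, 65537                   # toy RSA parameters, constructed
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    msgs = [rng.randrange(2, n) for _ in range(samples)]
    ok = True
    leaky, blinded = [], []
    for m in msgs:                                # known plaintexts, measured times
        y, t = leaky_modexp(m, d, n, rng)
        ok &= y == pow(m, d, n)
        leaky.append((m, t))
        y, t = blinded_modexp(m, d, e, n, rng)
        ok &= y == pow(m, d, n)
        blinded.append((m, t))
    d_leaky = recover_exponent(leaky, d.bit_length(), n)
    d_blind = recover_exponent(blinded, d.bit_length(), n)
    return d, d_leaky, d_blind, ok


if __name__ == "__main__":
    d, d_leaky, d_blind, ok = demo()
    print(f"true d={d:#x}  leaky recovers {d_leaky:#x}  blinded recovers {d_blind:#x}  correct={ok}")
```

Two points carry over to real systems. The decision statistic compares residual variances on the same samples, so the shared unknown part (future iterations plus measurement noise) largely cancels and far fewer measurements are needed than a naive signal-to-noise estimate suggests; a wrong bit accepted early makes every later residual variance jump, which is the error-detection signal the attacker watches for. Against the blinded implementation the simulated costs are unrelated to the measured times, so the attack degenerates to always preferring the cheaper guess and recovers nothing; blinding hides the operand but leaves the square-and-multiply branch on the key bit in place, so it protects against this attack model only, not against an attacker who can observe individual iterations.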
© 1996 Springer-Verlag Berlin Heidelberg
Cite this paper
Kocher, P.C. (1996). Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (eds) Advances in Cryptology — CRYPTO ’96. CRYPTO 1996. Lecture Notes in Computer Science, vol 1109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-68697-5_9
DOI: https://doi.org/10.1007/3-540-68697-5_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61512-5
Online ISBN: 978-3-540-68697-2