End-to-end Internet packet dynamics
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
On calibrating measurements of packet transit times
SIGMETRICS '98/PERFORMANCE '98 Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems
Measurements and analysis of end-to-end Internet dynamics
Measurements and analysis of end-to-end Internet dynamics
Proceedings of the 7th ACM conference on Computer and communications security
Critical path analysis of TCP transactions
IEEE/ACM Transactions on Networking (TON)
PC based precision timing without GPS
SIGMETRICS '02 Proceedings of the 2002 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Timing Attack against RSA with the Chinese Remainder Theorem
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Optical Time-Domain Eavesdropping Risks of CRT Displays
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
PlanetLab: an overlay testbed for broad-coverage services
ACM SIGCOMM Computer Communication Review
Robust synchronization of software clocks across the internet
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Remote Physical Device Fingerprinting
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Improving Brumley and Boneh timing attack on unprotected SSL implementations
Proceedings of the 12th ACM conference on Computer and communications security
Introduction to the Practice of Statistics Minitab Manual and Minitab Version 14
Introduction to the Practice of Statistics Minitab Manual and Minitab Version 14
Exposing private information by timing web applications
Proceedings of the 16th international conference on World Wide Web
Timing analysis of keystrokes and timing attacks on SSH
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Remote timing attacks are practical
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Denial of service via algorithmic complexity attacks
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Side channel cryptanalysis of product ciphers
Journal of Computer Security
Micro-Architectural Cryptanalysis
IEEE Security and Privacy
Compromising Reflections-or-How to Read LCD Monitors around the Corner
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Trace-driven cache attacks on AES (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Timing attacks on NTRUEncrypt via variation in the number of hash calls
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Predicting secret keys via branch prediction
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Cache based remote timing attack on the AES
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Application-level reconnaissance: timing channel attacks against antivirus software
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Differential privacy under fire
SEC'11 Proceedings of the 20th USENIX conference on Security
Compiler mitigations for time attacks on modern x86 processors
ACM Transactions on Architecture and Code Optimization (TACO) - HIPEAC Papers
An enhanced differential cache attack on CLEFIA for large cache lines
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
WAFFle: fingerprinting filter rules of web application firewalls
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Improving timing attack on RSA-CRT via error detection and correction strategy
Information Sciences: an International Journal
Hardware Prefetchers Leak: A Revisit of SVF for Cache-Timing Attacks
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
Attacks on implementations of cryptographic algorithms: side-channel and fault attacks
Proceedings of the 6th International Conference on Security of Information and Networks
Remote cache-timing attacks against AES
Proceedings of the First Workshop on Cryptography and Security in Computing Systems
| Hi-index | 0.00 |
Many algorithms can take a variable amount of time to complete depending on the data being processed. These timing differences can sometimes disclose confidential information. Indeed, researchers have been able to reconstruct an RSA private key purely by querying an SSL Web server and timing the results. Our work analyzes the limits of attacks based on accurately measuring network response times and jitter over a local network and across the Internet. We present the design of filters to significantly reduce the effects of jitter, allowing an attacker to measure events with 15-100μs accuracy across the Internet, and as good as 100ns over a local network. Notably, security-related algorithms on Web servers and other network servers need to be carefully engineered to avoid timing channel leaks at the accuracy demonstrated in this article.