Handbook of Applied Cryptography
Handbook of Applied Cryptography
A Practical Implementation of the Timing Attack
CARDIS '98 Proceedings of the The International Conference on Smart Card Research and Applications
A Combined Timing and Power Attack
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Signature Schemes with Bounded Leakage Resilience
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Cache Timing Attacks on Clefia
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
An introduction to implementation attacks and countermeasures
MEMOCODE'09 Proceedings of the 7th IEEE/ACM international conference on Formal Methods and Models for Codesign
Data structures with unpredictable timing
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Predictive black-box mitigation of timing channels
Proceedings of the 17th ACM conference on Computer and communications security
Weak bisimulation for Probabilistic Timed Automata
Theoretical Computer Science
Shape analysis for power signal cryptanalysis on secure components
Journal of Systems and Software
Automatically deriving information-theoretic bounds for adaptive side-channel attacks
Journal of Computer Security
Achieving leakage resilience through dual system encryption
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Signatures resilient to continual leakage on memory and computation
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Proceedings of the forty-third annual ACM symposium on Theory of computing
Key-evolution schemes resilient to space-bounded leakage
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Remote timing attacks are still practical
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Predictive mitigation of timing channels in interactive systems
Proceedings of the 18th ACM conference on Computer and communications security
Factorization of square-free integers with high bits known
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Compiler mitigations for time attacks on modern x86 processors
ACM Transactions on Architecture and Code Optimization (TACO) - HIPEAC Papers
Cache-collision timing attacks against AES
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Specification and verification of side channel declassification
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Protecting circuits from leakage: the computationally-bounded and noisy cases
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Timing attacks on NTRUEncrypt via variation in the number of hash calls
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
BiTR: built-in tamper resilience
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Language-based control and mitigation of timing channels
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
On the complexity of the equivalence problem for probabilistic automata
FOSSACS'12 Proceedings of the 15th international conference on Foundations of Software Science and Computational Structures
Automatic quantification of cache side-channels
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
WAFFle: fingerprinting filter rules of web application firewalls
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Cross-VM side channels and their use to extract private keys
Proceedings of the 2012 ACM conference on Computer and communications security
A coding-theoretic approach to recovering noisy RSA keys
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Improving timing attack on RSA-CRT via error detection and correction strategy
Information Sciences: an International Journal
Hardware Prefetchers Leak: A Revisit of SVF for Cache-Timing Attacks
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
Unraveling timewarp: what all the fuzz is about?
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Message in a bottle: sailing past censorship
Proceedings of the 29th Annual Computer Security Applications Conference
PRIME: private RSA infrastructure for memory-less encryption
Proceedings of the 29th Annual Computer Security Applications Conference
Explicit authentication response considered harmful
Proceedings of the 2013 workshop on New security paradigms workshop
Proceedings of the First Workshop on Cryptography and Security in Computing Systems
| Hi-index | 0.00 |
Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore security systems should defend against them.