Handbook of Applied Cryptography
Handbook of Applied Cryptography
A Practical Implementation of the Timing Attack
CARDIS '98 Proceedings of the The International Conference on Smart Card Research and Applications
A Combined Timing and Power Attack
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Exposing private information by timing web applications
Proceedings of the 16th international conference on World Wide Web
A domain-specific programming language for secure multiparty computation
Proceedings of the 2007 workshop on Programming languages and analysis for security
When Cryptographers Turn Lead into Gold
IEEE Security and Privacy
Drm to counter side-channel attacks?
Proceedings of the 2007 ACM workshop on Digital Rights Management
Factorization of Square-Free Integers with High Bits Known
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Exploring the security requirements for quality of service in combined wired and wireless networks
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
| Hi-index | 0.00 |
Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore security systems should defend against them.