Definition
An attack based on information about secret parameters leaking through variations in the running time of a cryptographic device.
Background
When the running time of a cryptographic device is not constant, it may leak information about the secret parameters involved, so that careful timing measurement and analysis may allow recovery of the system’s secret key. This idea first appeared in the scientific literature in 1996 [7].
Because they target implementation-specific behaviour, timing attacks belong to the family of side-channel attacks, of which they were one of the first representatives.
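An added illustration of the paragraph above, not part of the original entry: square-and-multiply modular exponentiation performs a number of multiplications that depends on the bits of the secret exponent, while a Montgomery ladder performs the same number for every exponent of a given length. Multiplication counts stand in for running time; the function names, modulus and exponents are constructed for this example.

```python
# Added illustration: modular-multiplication counts stand in for running time.
# Function names, modulus and exponents are constructed for this example.

def modexp_leaky(base, exponent, modulus):
    """Left-to-right square-and-multiply; returns (result, multiplication count)."""
    result, ops = 1, 0
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus      # always square
        ops += 1
        if bit == "1":                            # extra multiply only for 1-bits
            result = (result * base) % modulus
            ops += 1
    return result, ops

def _cswap(a, b, bit):
    """Swap a and b when bit == 1 using a mask instead of a branch."""
    mask = -bit                                   # 0 or all-ones
    t = (a ^ b) & mask
    return a ^ t, b ^ t

def modexp_ladder(base, exponent, modulus, bits):
    """Montgomery ladder over a fixed bit length: two multiplications per bit."""
    r0, r1, ops = 1, base % modulus, 0
    for i in range(bits - 1, -1, -1):
        bit = (exponent >> i) & 1
        r0, r1 = _cswap(r0, r1, bit)
        r1 = (r0 * r1) % modulus
        r0 = (r0 * r0) % modulus
        r0, r1 = _cswap(r0, r1, bit)
        ops += 2
    return r0, ops

def op_counts(exponents, base=5, modulus=1000003, bits=16):
    """Map each exponent to (leaky count, ladder count), checking both results."""
    table = {}
    for e in exponents:
        leaky, n_leaky = modexp_leaky(base, e, modulus)
        ladder, n_ladder = modexp_ladder(base, e, modulus, bits)
        assert leaky == ladder == pow(base, e, modulus)
        table[e] = (n_leaky, n_ladder)
    return table

if __name__ == "__main__":
    # Two constructed 16-bit exponents with Hamming weights 2 and 16.
    for e, (n_leaky, n_ladder) in op_counts([0x8001, 0xFFFF]).items():
        print(f"exponent {e:#06x}: square-and-multiply {n_leaky} ops, ladder {n_ladder} ops")
```

Python's arbitrary-precision arithmetic is not itself constant time, so this models the operation schedule only; a deployed implementation also needs fixed-time multiplication and reduction.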
Time Measurement
To conduct the attack, the adversary needs to collect a set (sample) of messages together with their processing time by the cryptographic device. Running time might, for example, be obtained by measuring the question–answer delay or by monitoring the processor activity. One privileged target for timing attacks – as well as other side-channel attacks...
Recommended Reading
Bernstein D (2005) Cache timing attacks on AES. Available at http://cr.yp.to/papers.html#cachetiming
Brumley D, Boneh D (2005) Remote timing attacks are practical. Comp Netw 48(5):701–716
Canvel B, Hiltgen A, Vaudenay S, Vuagnoux M (2003) Password interception in a SSL/TLS channel. In: Boneh D (ed) Advances in cryptology – CRYPTO ’03. LNCS, vol 2729. Springer, Heidelberg
Dhem JF, Koeune F, Leroux PA, Mestré P, Quisquater JJ, Willems JL (1998) A practical implementation of the timing attack. In: Quisquater JJ, Schneier B (eds) Proceedings CARDIS 1998. Smart card research and advanced applications. LNCS, Springer, Heidelberg
Dhem JF (1998) Design of an efficient public-key cryptographic library for risc-based smart cards, PhD thesis, Université catholique de Louvain – UCL Crypto Group, Laboratoire de microélectronique (DICE), Belgium
Gueron S (2008) Advanced Encryption Standard (AES) instructions set. Intel Mobility Group Israel Development Center, Israel White paper. Available at http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-SetWP.pdf
Kocher P (1996) Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz N (ed) Advances in cryptology – CRYPTO ’96, Santa Barbara, California. LNCS, vol 1109. Springer, Heidelberg, pp 104–113
Osvik D, Shamir A, Tromer E (2006) Cache attacks and countermeasures: the case of AES. In: Pointcheval D (ed) Proceedings CT-RSA 2006. LNCS, vol 3860. Springer, Heidelberg, pp 1–20
Schindler W, Quisquater JJ, Koeune F (2001) Improving divide and conquer attacks against cryptosystems by better error detection correction strategies. In: Honary B (ed) Proceedings of 8th IMA international conference on cryptography and coding (Berlin). LNCS, vol 2260. Springer, Heidelberg, pp 245–267
Walter CD (1999) Montgomery’s multiplication technique: how to make it smaller and faster. In: Koç ÇK, Paar C (eds) Cryptographic hardware and embedded systems – CHES ’99. LNCS, vol 1717. Springer, Heidelberg, pp 80–93
© 2011 Springer Science+Business Media, LLC
Cite this entry
Koeune, F. (2011). Timing Attack. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_138
DOI: https://doi.org/10.1007/978-1-4419-5906-5_138
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer Science; Reference Module Computer Science and Engineering