SlideShare a Scribd company logo

Timing Attack paper--pres--v.01

Download as PPTX, PDF
A
anasz3z3

The document discusses timing attacks and methods to defend against them. It describes how timing attacks work by measuring the time it takes to perform cryptographic operations like digital signatures. It then provides examples of how timing analysis can be used to extract secret keys from RSA encryption by making educated guesses about the private key components and measuring the timing differences. Finally, it proposes RSA blinding as a defense, where random values are added before decryption to randomize the timing.

Technology
1 of 14
Downloaded 30 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Timing Attacks • Prepared By : *Anas Za’za’ • Dr. Adwan Yasin. • COMPUTER SECURITY.
Timing Attacks : side-channel attack based on measuring the length of time it takes to digitally sign a message(respond it)
Network Timing Attack Regular Client Server [Web,SSL] 1. ClientHello 2. ServerHello (send public key) 3. ClientKeyExchange
Attack Attack Client Server 1. ClientHello 2. ServerHello (send public key) 3. Record time t1 Send guess g or ghi 4. Alert 5. Record time t2 Compute t2 –t1
a = "ABCD" b = "ABBA" for (i = 0; i < a.length; i++) { if (a[i] != b[i]) return false; } return true;
Trick AAAAAAAAAA BAAAAAAAAA CAAAAAAAAA DAAAAAAAAA ... XAAAAAAAAA YAAAAAAAAA ZAAAAAAAAA
a = "ABCD" b = "ABBA" for (i = 0; i < a.length; i++) { if (a[i] != b[i]) return false; } return true;
Reform The Code match = true; for (i = 0; i < a.length; i++) { if (a[i] != b[i]) match := false; } return match;
Reform The Code 2 match = 0; for (i = 0; i < a.length; i++) { match = match or (a[i] xor b[i]); } return match == 0; A B OUTPUT A XOR B 0 0 0 0 1 1 1 0 1 1 1 0
Attack on OpenSSL OpenSSL: an open source cryptographic library used in web servers and other SSL applications.
RSA Key generation: • Generate large primes p, q • Compute n=pq and (n)=(p-1)(q-1) • Choose small e, relatively prime to (n) • Compute unique d such that ed = 1 mod (n) Public key = (e,n); private key = d Security relies on the assumption that it is difficult to compute roots modulo n without knowing p and q Encryption of p (simplified!): c = pe mod n Decryption of c: cd mod n = (pe)d mod n = m
Timing Attack on RSA • Initial guess g for q • Try all possible guesses for the top few bits • Suppose we know i-1 top bits of q. Goal: ith bit. • Set g =<known i-1 bits of q>000000 • Set ghi=<known i-1 bits of q>100000 - note: g<ghi • If g<q<ghi then the ith bit of q is 0 • If g<ghi<q then the ith bit of q is 1 • Goal: decide whether g<q<ghi or g<ghi<q Let ‘g’ be a guess as to the value of q Let ghi be the same value as g, with the i'th bit
slide 13 Two Possibilities for ghi Decryption time #Reductions Mult routine ghi Difference in decryption times ? between g and ghi will be small q g ghi? Value of ciphertext Difference in decryption times between g and ghi will be large D=|t1-t2|. If D is large then g<q<ghi and i’th bit of q is 0, otherwise the bit is 1.
RSA Blinding • Decrypt random number related to c: 1. Before decryption compute x’ = c*re mod N, r is random 2. p’ = Decrypt x’ 3. Calculate p = p’/r mod N • Since r is random, the decryption time should be random • 2-10% performance penalty

More Related Content

PPTX
RSA Algorithm
Srinadh Muvva
 
PPTX
Trible data encryption standard (3DES)
Ahmed Mohamed Mahmoud
 
PPT
AES Cryptosystem
هيثم فرج
 
PDF
Asymmetric Cryptography
UTD Computer Security Group
 
PPTX
Elliptic Curve Cryptography
JorgeVillamarin5
 
PPTX
Encryption And Decryption Using AES Algorithm
Ahmed Raza Shaikh
 
PDF
4. The Advanced Encryption Standard (AES)
Sam Bowne
 
PPT
12 symmetric key cryptography
drewz lin
 
RSA Algorithm
Srinadh Muvva
 
Trible data encryption standard (3DES)
Ahmed Mohamed Mahmoud
 
AES Cryptosystem
هيثم فرج
 
Asymmetric Cryptography
UTD Computer Security Group
 
Elliptic Curve Cryptography
JorgeVillamarin5
 
Encryption And Decryption Using AES Algorithm
Ahmed Raza Shaikh
 
4. The Advanced Encryption Standard (AES)
Sam Bowne
 
12 symmetric key cryptography
drewz lin
 

What's hot (20)

PPT
Ch11 Basic Cryptography
Information Technology
 
PPTX
I mage encryption using rc5
Suramrit Singh
 
PPT
Caesar cipher
Hossain Md Shakhawat
 
PPTX
Rsa Crptosystem
Amlan Patel
 
PPTX
One Time Pad Encryption Technique
John Adams
 
PPTX
Rsa cryptosystem
Abhishek Gautam
 
PDF
Introduction to Homomorphic Encryption
Christoph Matthies
 
PPT
Design and Simulation Triple-DES
chatsiri
 
PPTX
Public Key Cryptosystem
Devakumar Kp
 
PPTX
Double DES & Triple DES
Hemant Sharma
 
PPTX
Cryptography.ppt
kusum sharma
 
PDF
Introduction to Cryptography
Seema Goel
 
PPTX
Diffie hellman key exchange algorithm
Sunita Kharayat
 
PDF
Fungsi Hash & Algoritma SHA-256 - Presentation
Aditya Gusti Tammam
 
PPTX
Cryptography.ppt
Uday Meena
 
PPT
Rsa
ismaelhaider
 
PPT
DBMS _Relational model
Azizul Mamun
 
PPTX
Rc4
Amjad Rehman
 
PPTX
RC 4
Sovan Paul
 
PDF
Elliptic Curve Cryptography Message Exchange
JacopoMariaValtorta
 
Ch11 Basic Cryptography
Information Technology
 
I mage encryption using rc5
Suramrit Singh
 
Caesar cipher
Hossain Md Shakhawat
 
Rsa Crptosystem
Amlan Patel
 
One Time Pad Encryption Technique
John Adams
 
Rsa cryptosystem
Abhishek Gautam
 
Introduction to Homomorphic Encryption
Christoph Matthies
 
Design and Simulation Triple-DES
chatsiri
 
Public Key Cryptosystem
Devakumar Kp
 
Double DES & Triple DES
Hemant Sharma
 
Cryptography.ppt
kusum sharma
 
Introduction to Cryptography
Seema Goel
 
Diffie hellman key exchange algorithm
Sunita Kharayat
 
Fungsi Hash & Algoritma SHA-256 - Presentation
Aditya Gusti Tammam
 
Cryptography.ppt
Uday Meena
 
Rsa
ismaelhaider
 
DBMS _Relational model
Azizul Mamun
 
Rc4
Amjad Rehman
 
RC 4
Sovan Paul
 
Elliptic Curve Cryptography Message Exchange
JacopoMariaValtorta
 
Ad

Similar to Timing Attack paper--pres--v.01 (20)

PDF
CNIT 141: 3. Cryptographic Security
Sam Bowne
 
PDF
3. Cryptographic Security
Sam Bowne
 
PPT
Swing07 day1 buttyan
rajrayala
 
PDF
Sullivan randomness-infiltrate 2014
Cloudflare
 
PPTX
RSA криптосистем
sodhero
 
DOCX
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
blondellchancy
 
PPT
Rsa
magentie
 
PDF
9. Hard Problems
Sam Bowne
 
PPT
Cryptography
suresh0506
 
PPTX
cyber security attacks cyber security attacks
NiharikaGuptas
 
PPTX
Black ops 2012
Dan Kaminsky
 
PDF
paper2.pdf
aminasouyah
 
PDF
lecture1.pdf
aminasouyah
 
PDF
sheet2.pdf
aminasouyah
 
PDF
paper9.pdf
aminasouyah
 
PDF
doc2.pdf
aminasouyah
 
PDF
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
PPTX
Net
Raviteja
 
PPTX
3 pkc+rsa
Shashank Mishra
 
PDF
CNIT 141: 9. Hard Problems
Sam Bowne
 
CNIT 141: 3. Cryptographic Security
Sam Bowne
 
3. Cryptographic Security
Sam Bowne
 
Swing07 day1 buttyan
rajrayala
 
Sullivan randomness-infiltrate 2014
Cloudflare
 
RSA криптосистем
sodhero
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
blondellchancy
 
Rsa
magentie
 
9. Hard Problems
Sam Bowne
 
Cryptography
suresh0506
 
cyber security attacks cyber security attacks
NiharikaGuptas
 
Black ops 2012
Dan Kaminsky
 
paper2.pdf
aminasouyah
 
lecture1.pdf
aminasouyah
 
sheet2.pdf
aminasouyah
 
paper9.pdf
aminasouyah
 
doc2.pdf
aminasouyah
 
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
Net
Raviteja
 
3 pkc+rsa
Shashank Mishra
 
CNIT 141: 9. Hard Problems
Sam Bowne
 
Ad

Recently uploaded (20)

PPTX
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
PDF
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
PDF
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
PDF
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PPTX
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
PPTX
The Future of AI & Machine Learning.pptx
pritsen4700
 
PDF
Software Development Methodologies in 2025
KodekX
 
PDF
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
PDF
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
PDF
Responsible AI and AI Ethics - By Sylvester Ebhonu
Sylvester Ebhonu
 
PDF
Brief History of Internet - Early Days of Internet
sutharharshit158
 
PPTX
OA presentation.pptx OA presentation.pptx
pateldhruv002338
 
PDF
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
PPTX
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
PDF
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
PPTX
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
PDF
Structs to JSON: How Go Powers REST APIs
Emily Achieng
 
PDF
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
PDF
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
The Future of AI & Machine Learning.pptx
pritsen4700
 
Software Development Methodologies in 2025
KodekX
 
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
Responsible AI and AI Ethics - By Sylvester Ebhonu
Sylvester Ebhonu
 
Brief History of Internet - Early Days of Internet
sutharharshit158
 
OA presentation.pptx OA presentation.pptx
pateldhruv002338
 
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
Structs to JSON: How Go Powers REST APIs
Emily Achieng
 
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 

Timing Attack paper--pres--v.01

  • 1. Timing Attacks • Prepared By : *Anas Za’za’ • Dr. Adwan Yasin. • COMPUTER SECURITY.
  • 2. Timing Attacks : side-channel attack based on measuring the length of time it takes to digitally sign a message(respond it)
  • 3. Network Timing Attack Regular Client Server [Web,SSL] 1. ClientHello 2. ServerHello (send public key) 3. ClientKeyExchange
  • 4. Attack Attack Client Server 1. ClientHello 2. ServerHello (send public key) 3. Record time t1 Send guess g or ghi 4. Alert 5. Record time t2 Compute t2 –t1
  • 5. a = "ABCD" b = "ABBA" for (i = 0; i < a.length; i++) { if (a[i] != b[i]) return false; } return true;
  • 6. Trick AAAAAAAAAA BAAAAAAAAA CAAAAAAAAA DAAAAAAAAA ... XAAAAAAAAA YAAAAAAAAA ZAAAAAAAAA
  • 7. a = "ABCD" b = "ABBA" for (i = 0; i < a.length; i++) { if (a[i] != b[i]) return false; } return true;
  • 8. Reform The Code match = true; for (i = 0; i < a.length; i++) { if (a[i] != b[i]) match := false; } return match;
  • 9. Reform The Code 2 match = 0; for (i = 0; i < a.length; i++) { match = match or (a[i] xor b[i]); } return match == 0; A B OUTPUT A XOR B 0 0 0 0 1 1 1 0 1 1 1 0
  • 10. Attack on OpenSSL OpenSSL: an open source cryptographic library used in web servers and other SSL applications.
  • 11. RSA Key generation: • Generate large primes p, q • Compute n=pq and (n)=(p-1)(q-1) • Choose small e, relatively prime to (n) • Compute unique d such that ed = 1 mod (n) Public key = (e,n); private key = d Security relies on the assumption that it is difficult to compute roots modulo n without knowing p and q Encryption of p (simplified!): c = pe mod n Decryption of c: cd mod n = (pe)d mod n = m
  • 12. Timing Attack on RSA • Initial guess g for q • Try all possible guesses for the top few bits • Suppose we know i-1 top bits of q. Goal: ith bit. • Set g =<known i-1 bits of q>000000 • Set ghi=<known i-1 bits of q>100000 - note: g<ghi • If g<q<ghi then the ith bit of q is 0 • If g<ghi<q then the ith bit of q is 1 • Goal: decide whether g<q<ghi or g<ghi<q Let ‘g’ be a guess as to the value of q Let ghi be the same value as g, with the i'th bit
  • 13. slide 13 Two Possibilities for ghi Decryption time #Reductions Mult routine ghi Difference in decryption times ? between g and ghi will be small q g ghi? Value of ciphertext Difference in decryption times between g and ghi will be large D=|t1-t2|. If D is large then g<q<ghi and i’th bit of q is 0, otherwise the bit is 1.
  • 14. RSA Blinding • Decrypt random number related to c: 1. Before decryption compute x’ = c*re mod N, r is random 2. p’ = Decrypt x’ 3. Calculate p = p’/r mod N • Since r is random, the decryption time should be random • 2-10% performance penalty