Opportunities and Limits of Remote Timing Attacks

Simple item page
dc.contributor.authorCrosby, Scott A.
dc.contributor.authorRiedi, Rudolf H.
dc.contributor.authorWallach, Dan S.
dc.date.accessioned2017-08-02T22:03:04Z
dc.date.available2017-08-02T22:03:04Z
dc.date.issued2007-05-26
dc.date.noteMay 26, 2007
dc.description.abstractMany algorithms can take a variable amount of time to complete depending on the data being processed. These timing differences can sometimes disclose confidential information. Indeed, researchers have been able to reconstruct an RSA private key purely by querying an SSL web server and timing the results. Our work analyzes the limits of attacks based on accurately measuring network response times and jitter over a local network and across the Internet. We present the design of filters to significantly reduce the effects of jitter, allowing an attacker to measure events with 15-100μs accuracy across the Internet, and as good as 100ns over a local network. Notably, security-related algorithms on web servers and other network servers need to be carefully engineered to avoid timing channel leaks at the accuracy demonstrated in this paper.
dc.format.extent36 pp
dc.identifier.citationCrosby, Scott A., Riedi, Rudolf H. and Wallach, Dan S.. "Opportunities and Limits of Remote Timing Attacks." (2007) https://hdl.handle.net/1911/96356.
dc.identifier.digitalTR07-03
dc.identifier.urihttps://hdl.handle.net/1911/96356
dc.language.isoeng
dc.rightsYou are granted permission for the noncommercial reproduction, distribution, display, and performance of this technical report in any format, but this permission is only for a period of forty-five (45) days from the most recent time that you verified that this technical report is still available from the Computer Science Department of Rice University under terms that include this permission. All other rights are reserved by the author(s).
dc.titleOpportunities and Limits of Remote Timing Attacks
dc.typeTechnical report
dc.type.dcmiText
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
TR07-03.pdf
Size:
347.05 KB
Format:
Adobe Portable Document Format
Download
Collections
Computer Science Technical Reports