Please use this identifier to cite or link to this item:
https://hdl.handle.net/2440/108056
Type: | Conference paper |
Title: | Cachebleed: a timing attack on OpenSSL constant time RSA |
Author: | Yarom, Y.; Genkin, D.; Heninger, N. |
Citation: | Lecture Notes in Computer Science, 2016 / Gierlichs, B., Poschmann, A. (ed./s), vol. 9813 LNCS, pp. 346-367 |
Publisher: | Springer |
Issue Date: | 2016 |
Series/Report no.: | Lecture Notes in Computer Science |
ISBN: | 9783662531396 |
ISSN: | 0302-9743; 1611-3349 |
Conference Name: | 18th International Conference on Cryptographic Hardware and Embedded Systems (CHES) (17 Aug 2016 - 19 Aug 2016 : Santa Barbara, CA) |
Editor: | Gierlichs, B.; Poschmann, A. |
Statement of Responsibility: | Yuval Yarom, Daniel Genkin, and Nadia Heninger |
Abstract: | The scatter-gather technique is a commonly implemented approach to prevent cache-based timing attacks. In this paper we show that scatter-gather is not constant time. We implement a cache timing attack against the scatter-gather implementation used in the modular exponentiation routine in OpenSSL version 1.0.2f. Our attack exploits cache-bank conflicts on the Sandy Bridge microarchitecture. We have tested the attack on an Intel Xeon E5-2430 processor. For 4096-bit RSA our attack can fully recover the private key after observing 16,000 decryptions. |
Keywords: | Side-channel attacks; Cache attacks; Cryptographic implementations; Constant-time; RSA |
Description: | Lecture Notes in Computer Science, vol. 9813 |
Rights: | © International Association for Cryptologic Research 2016 |
DOI: | 10.1007/978-3-662-53140-2_17 |
Published version: | http://dx.doi.org/10.1007/978-3-662-53140-2_17 |
Appears in Collections: | Aurora harvest 8; Computer Science publications |
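To make the abstract's claim concrete, the following is an added illustration (not OpenSSL's code and not from the paper) of a byte-interleaved scatter-gather table: gathering any multiplier touches the same set of cache lines, which is the cache-line-granularity argument for calling it constant time, yet the byte offset inside each line, and therefore the 4-byte cache bank that is read, is a function of the secret multiplier index. The 64-byte line, 16 four-byte banks per line, the table layout and the 16-byte toy multiplier size are all assumptions stated in the comments; in this toy layout the bank observed on an even row equals idx/4, so one bank observation narrows a 5-bit window from 32 values to 4, and which window bits leak in a real implementation depends on its actual layout.

```c
/*
 * Toy model of a byte-interleaved scatter-gather table and the cache-bank
 * pattern it leaves behind. Added illustration only: this is not OpenSSL's
 * code, and the line size, bank size and layout below are assumptions.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define WINDOW     5
#define NUM_MULT   (1u << WINDOW)  /* 32 precomputed multipliers, one per 5-bit window value */
#define MULT_BYTES 16              /* toy multiplier size; a 4096-bit RSA CRT half is 256 bytes */
#define LINE_BYTES 64              /* assumption: 64-byte cache lines */
#define BANK_BYTES 4               /* assumption: 16 four-byte banks per line, as on Sandy Bridge L1D */

/* Scatter layout (assumption): byte i of multiplier idx is stored at
 * table[i * NUM_MULT + idx], so each 64-byte line holds two bytes of all 32
 * multipliers and no line belongs to a single multiplier. */
static uint8_t table[MULT_BYTES * NUM_MULT];

static void scatter(uint8_t mults[NUM_MULT][MULT_BYTES]) {
    for (unsigned idx = 0; idx < NUM_MULT; idx++)
        for (unsigned i = 0; i < MULT_BYTES; i++)
            table[i * NUM_MULT + idx] = mults[idx][i];
}

/* Gather multiplier idx, one byte per row. If lines != NULL, bit k of *lines is
 * set when cache line k of the table was read. */
static void gather(unsigned idx, uint8_t out[MULT_BYTES], uint64_t *lines) {
    uint64_t touched = 0;
    for (unsigned i = 0; i < MULT_BYTES; i++) {
        size_t off = (size_t)i * NUM_MULT + idx;
        out[i] = table[off];
        touched |= (uint64_t)1 << (off / LINE_BYTES);
    }
    if (lines) *lines = touched;
}

/* Cache bank hit when row i of multiplier idx is read: bank = in-line offset / 4.
 * With this layout the in-line offset is (i % 2) * 32 + idx, so the bank is
 * (i % 2) * 8 + idx / 4: it depends on the secret idx, not only on the row. */
unsigned bank_of(unsigned idx, unsigned i) {
    size_t off = (size_t)i * NUM_MULT + idx;
    return (unsigned)((off % LINE_BYTES) / BANK_BYTES);
}

/* Fill the table with constructed sample multipliers (not real RSA values). */
static void build_sample_table(void) {
    uint8_t mults[NUM_MULT][MULT_BYTES];
    for (unsigned idx = 0; idx < NUM_MULT; idx++)
        for (unsigned i = 0; i < MULT_BYTES; i++)
            mults[idx][i] = (uint8_t)(idx * 17 + i);
    scatter(mults);
}

/* Returns 1 if gathering idx reproduces sample multiplier idx byte for byte. */
int gather_matches_sample(unsigned idx) {
    uint8_t out[MULT_BYTES];
    build_sample_table();
    gather(idx, out, NULL);
    for (unsigned i = 0; i < MULT_BYTES; i++)
        if (out[i] != (uint8_t)(idx * 17 + i)) return 0;
    return 1;
}

/* Number of distinct cache lines read by a gather of idx. It is the same for
 * every idx, which is why the scheme looks constant time to a line-granular
 * cache attack. */
unsigned lines_touched(unsigned idx) {
    uint8_t out[MULT_BYTES];
    uint64_t lines;
    unsigned n = 0;
    build_sample_table();
    gather(idx, out, &lines);
    for (; lines; lines &= lines - 1) n++;
    return n;
}

/* How many window values are consistent with seeing bank `bank` on row `row`?
 * If cands != NULL the matching values are written there (up to max). */
unsigned candidates_for_bank(unsigned bank, unsigned row, unsigned *cands, unsigned max) {
    unsigned n = 0;
    for (unsigned idx = 0; idx < NUM_MULT; idx++)
        if (bank_of(idx, row) == bank) {
            if (cands && n < max) cands[n] = idx;
            n++;
        }
    return n;
}

int main(void) {
    unsigned idx = 21, cands[NUM_MULT];
    unsigned n = candidates_for_bank(bank_of(idx, 0), 0, cands, NUM_MULT);
    printf("gather(%u) reads %u lines, gather(0) reads %u lines\n",
           idx, lines_touched(idx), lines_touched(0));
    printf("bank sequence for idx %u:", idx);
    for (unsigned i = 0; i < MULT_BYTES; i++) printf(" %u", bank_of(idx, i));
    printf("\nobserving row-0 bank %u leaves %u candidates:", bank_of(idx, 0), n);
    for (unsigned i = 0; i < n; i++) printf(" %u", cands[i]);
    printf("\n");
    return 0;
}
```

The two functions to compare are lines_touched(), which is identical for every index, and bank_of(), which is not: a co-resident attacker who can detect conflicts on individual banks (the effect the abstract attributes to Sandy Bridge) sees a different bank sequence for multiplier 21 than for multiplier 24, even though both gathers touch exactly the same eight cache lines.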
Files in This Item:
File | Description | Size | Format |
---|---|---|---|
RA_hdl_108056.pdf | Restricted Access | 1.24 MB | Adobe PDF |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.