Opportunities and Limits of Remote Timing Attacks

ACM Transactions on Information and System Security

Volumn 12, Issue 3, 2009, Pages

  Crosby, Scott A ^a,b   Wallach, Dan S ^a   Riedi, Rudolf H ^a  

^a RICE UNIVERSITY   (United States)

^b Rice University   (United States)

Author keywords

Information leakage; Jitter; Timing attacks

Indexed keywords

CONFIDENTIAL INFORMATIONS; INFORMATION LEAKAGE; LOCAL NETWORKS; NETWORK RESPONSE; NETWORK SERVERS; RSA PRIVATE KEYS; TIMING ATTACKS; TIMING CHANNELS; WEB SERVERS;

INTERNET; SERVERS; TIME MEASUREMENT; WEB SERVICES; WORLD WIDE WEB;

JITTER;

EID: 60349110770     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/1455526.1455530     Document Type: Article

References (45)

1. ACHARYA, A. AND SALTZ, J. 1996. A study of Internet round-trip delay. Tech. rep. CS-TR-3736, Department of Computer Science, University of Maryland.
2. ACIIÇMEZ, O. AND CETIN KAYA KOÇ. 2006. Trace-driven cache attacks on aes (short paper). In Proceedings of the 8th International Conference on Information and Communications Security (ICS'06). Raleigh, NC, 112-121.
3. ACIIÇMEZ, O., ÇETIN KAYA KOÇ, AND SEIFERT, J.-P. 2007a. Predicting secret keys via branch prediction. In Proceedings of the Cryptographers' Track at the RSA Conference (CT-RSA'07). San Francisco, 225-242.
4. ACIIÇMEZ, O., SCHINDLER, W., AND ÇETIN K. KOÇ. 2005. Improving brumley and boneh timing attack on unprotected ssl implementations. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS'05). Alexandria, VA, 139-146.
5. ACIIÇMEZ, O., SCHINDLER, W., AND ÇETIN KAYA KOÇ. 2007b. Cache based remote timing attack on the AES. In Proceedings of the Cryptographers' Track at the RSA Conference (CT-RSA'07). San Francisco, 271-286.
6. ACIIÇMEZ, O., SEIFERT, J.-P., AND ÇETIN KAYA KOÇ. 2007c. Micro-architectural cryptanalysis. IEEE Secur. Privacy 5, 4, 62-64.
7. BACKES, M., DÜRMUTH, M., AND UNRUH, D. 2008. Compromising reflections or how to read lcd monitors around the corner. In Proceedings of the IEEE Symposium on Security and Privacy (SP'08). Oakland, CA.
8. BARFORD, P. AND CROVELLA, M. 2001. Critical path analysis of TCP transactions. IEEE / ACM Trans. Netw. 9, 3, 238-248.
9. BERNSTEIN, D. J. 2005. Cache-timing attacks on AES. http://cr.yp.to/papers.html#caehetiming.
10. BOLOT, J.-C. 1993. End-to-end packet delay and loss behavior in the Internet. In Proceedings of the ACM SIGCOMM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM'93). San Francisco, CA, 289-298.
11. BORTZ, A., BONEH, D., AND NANDY, P. 2007. Exposing private information by timing web applications. In ceedings of the 16th International World Wide Web Conference (WWW'07) Banff, Alberta, Canada.
12. BRUMLEY, D. AND BONEH, D. 2004. Remote timing attacks are practical. In Proceedings of the 12th USENIX Security Symposium (SECURITT'04). Washington, DC.
13. CANVEL, B., HILTGEN, A., VUAGNOUX, M., AND VAUDENAY, S. 2003. Password interception in a TLS/SSL channel. In Proceedings of the Annual International Cryptology Conference (CRYPTO'03). Lecture Notes in Computer Science, vol. 2729. Springer-Verlag, 583-599.
14. CARTER, J. L. AND WEGMAN, M. N. 1979. Universal classes of hash functions. J. Comput. Syst. Sci. 18, 2, 143-154.
15. CASNER, S., ALAETTINOGLU, C., AND KUAN, C.-C. 2001. A fine-grained view of high-performance networking. NANOG22 meeting. http://www.nanog.org/mtg-0105/casner.html.
16. CHUN, B., CULLER, D., ROSCOE, T., BAVIER, A., PETERSON, L., WAWRZONIAK, M., AND BOWMAN, M. 2003. PlanetLab: An overlay testbed for broad-coverage services. Comput. Comm. Rev. 33, 3.
17. CLAFFY, K. C., POLYZOS, G. C., AND BRAUN, H.-W. 1993. Measurement considerations for assessing unidirectional latencies. Internetw.: Resear. Exper. 4, 3, 121-132.
18. CROSBY, S. AND WALLACH, D. S. 2003. Denial of service via algorithmic complexity attacks. In Proceedings of the 12th USENIX Security Symposium (SECURITT'03).
19. DAEMEN, J. AND RIJMEN, V. 1999. Resistance against implementation attacks: A comparative study of the AES proposals. In Proceedings of the 2nd AES Candidate Conference (AES'99). Rome, Italy.
20. FELTEN, E. W. AND SCHNEIDER, M. A. 2000. Timing attacks on Web privacy. In Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS'00). Athens, Greece.
21. JENKINS, R. J. 1995. Hash functions for hash table lookup. http://burtleburtle.net/bob/hash/evahash.html.
22. KELSEY, J., SCHNEIER, B., WAGNER, D., AND HALL, C. 2000. Side channel cryptanalysis of product ciphers. J. Comput. Secur. 8, 2-3, 141-158.
23. KOCHER, P. 1996. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Proceedings of the Annual International Cryptology Conference (CRYPTO'96). N. Koblitz, Ed. Lecture Notes in Computer Science, vol. 1109. Springer-Verlag, Santa Barbara, CA.
24. KOCHER, P., JAFFE, J., AND JUN, B. 1999. Differential power analysis. In Proceedings of the Annual International Cryptology Conference (CRYPTO'99). M. Wiener, Ed. Lecture Notes in Computer Science, vol. 1666. Springer-Verlag, Santa Barbara, CA.
25. KOHNO, T., BROIDO, A., AND CLAFFY, K. 2005. Remote physical device fingerprinting. In Proceedings of the IEEE Symposium on Security and Privacy (SP'05). Oakland, CA.
26. KIJHN, M. G. 2002. Optical time-domain eavesdropping risks of CRT displays. In Proceedings of the IEEE Symposium on Security and Privacy (SP'02). Oakland, CA.
27. KUHN, M. G. AND ANDERSON, R. J. 1998. Soft Tempest: Hidden data transmission using electromagnetic emanations. In Proceedings of the 2nd Workshop on Information Hiding (IH'98). Portland, OR.
28. LAMPSON, B. W. 1983. Hints for computer system design. SIGOPS Oper. Syst. Rev. 15, 5, 33-48. IEEE Softw. 1, 1, 11-28.
29. MILLS, D. L. 1991. Internet time synchronization: The Network Time Protocol. IEEE Trans. Comm. 39, 10, 1482-1493.
30. MILLS, D. L. 1992. Network time protocol (version 3). Tech. rep. RFC-1305, Internet Engineering Task Force. ftp://ftp.rfc-editor.org/in-notes/ rfc1305.txt.
31. MOORE, D. AND MCCABE, G. 2004. Introduction to the Practice of Statistic, 5th Ed. Freeman, New York.
32. MUKHERJEE, A. 1994. On the dynamics and significance of low frequency components of Internet load. Internetw.: Resear. Exper. 5, 4, 163-205.
33. OSVIK, D. A., SHAMIR, A., AND TROMER, E. 2006. Cache attacks and countermeasures: The case of AES. In Proceedings of the Cryptographers' Track at the RSA Conference (CT-RSA'06). Lecture Notes in Computer Science, vol. 3860. Springer, 1-20.
34. PAGE, D. 2002. Theoretical use of cache memory as a cryptanalytic side-channel. Tech. rep. CSTR-02-003, Department of Computer Science, University of Bristol.
35. PASZTOR, A. AND VEITCH, D. 2002. PC based precision timing without GPS. In Proceedings of the ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS'02). Marina Del Rey, CA. 1-10.
36. PAXSON, V. 1997a. End-to-end Internet packet dynamics. In Proceedings of the ACM SIGCOMM: Applications, Technologies, Architectures and Protocols for Computer Communication (SIGCOMM'97). Cannes, France.
37. PAXSON, V. 1997b. Measurements and analysis of end-to-end Internet dynamics. Ph.D. thesis, University of California, Berkeley.
38. PAXSON, V. 1998. On calibrating measurements of packet transit times. In Proceedings of the SIGMETRICS / PERFORMANCE: Joint International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS'98). Madison, WI. 11-21.
39. SANGHI, D., AGRAWALA, A. K., GUDMUNDSSON, O., AND JAIN, B. N. 1993. Experimental assessment of end-to-end behavior on Internet. In Proceedings of the 12th Annual Joint Conference of the IEEE Computer and Communications Societies (CCS'93). San Francisco, CA. 867-874.
40. SCHINDLER, W. 2000. A timing attack against RSA with the Chinese remainder theorem. In Proceedings of Cryptographic Hardware and Embedded Systems. Worcester, MA. 109-124.
41. SCHINDLERW. 2002. Optimized timing attacks against public key cryptosystems. Statistics Decisions 20, 191-210.
42. SILVERMAN, J. H. ANDWHYTE, W. 2007. Timing attacks on NTRUEncrypt based on variation in number of hash calls. In Proceedings of the Cryptographers' Track at the RSA Conference (CT-RSA07). San Francisco.
43. SONG, D. X., WAGNER, D., AND TIAN, X. 2001. Timing analysis of keystrokes and timing attacks on SSH. In Proceedings of the 10th USENIX Security Symposium (SECURITT'01). Washington, DC.
44. VEITCH, D., BABU, S., AND PASZTOR, A. 2004. Robust synchronization of software clocks across the Internet. In Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement. Taormina, Sicily, Italy, 219-232.
45. WANG, Z., ZEITOUN, A., AND JAMIN, S. 2003. Challenges and lessons learned in measuring path RTT for proximity-based applications. In Proceedings of the Passive and Active Measurement Workshop (PAM'03). San Diego, CA.