Cryptographic Hardware and Embedded Systems – CHES 2016, p.346-367
Details
- Autor(en) / Beteiligte
- Titel
- CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
- Ist Teil von
- Cryptographic Hardware and Embedded Systems – CHES 2016, p.346-367
- Ort / Verlag
- Berlin, Heidelberg: Springer Berlin Heidelberg
- Link zum Volltext
- Quelle
- Alma/SFX Local Collection
- Beschreibungen/Notizen
- The scatter-gather technique is a commonly implemented approach to prevent cache-based timing attacks. In this paper we show that scatter-gather is not constant time. We implement a cache timing attack against the scatter-gather implementation used in the modular exponentiation routine in OpenSSL version 1.0.2f. Our attack exploits cache-bank conflicts on the Sandy Bridge microarchitecture. We have tested the attack on an Intel Xeon E5-2430 processor. For 4096-bit RSA our attack can fully recover the private key after observing 16,000 decryptions.
- Sprache
- Englisch
- Identifikatoren
- ISBN: 3662531399, 9783662531396ISSN: 0302-9743eISSN: 1611-3349DOI: 10.1007/978-3-662-53140-2_17Titel-ID: cdi_springer_books_10_1007_978_3_662_53140_2_17
- Format
- –
- Schlagworte
- Cache attacks, Constant-time, Cryptographic implementations, RSA, Side-channel attacks