Improving Brumley and Boneh timing attack on unprotected SSL implementations

Started by aruljothi, Mar 21, 2009, 10:19 AM

Previous topic - Next topic

aruljothi

ABSTRACT

Since the remarkable work of Kocher [7], several papers considering different types of timing attacks have been published. In 2003, Brumley and Boneh presented a timing attack on unprotected OpenSSL implementations [2]. In this paper, we improve the efficiency of their attack by a factor of more than 10. We exploit the timing behavior of Montgomery multiplications in the table initialization phase, which allows us to increase the number of multiplications that provide useful information to reveal one of the prime factors of RSA moduli. We also present other improvements, which can be applied to the attack