Digital Log

    Timing-Attacks-Reading

    Timing Attacks on Diffie Helman, RSA, et. al.

    This paper presents a powerful timing attack that can recover an entire secret key from a cryptosystem. The submitted review is here.

    The attack

    First, a demonstration of the attack is shown against a simple modular exponentiation algorithm which computes R=yxmod  nR = y^x \mod n. Here, xx is the secret key and is ww bits long. The algorithm only computes the multiplication Rb=sby)mod  nR_b = s_b \cdot y) \mod n if the bbth bit of xx is 1. The attack is inductive; at each step, we use the knowledge of the first bb bits of xx to find bit b+1b+1. If we know that computing Rb=(sby)mod  nR_b = (s_b \cdot y) \mod n is slow for certain sbs_b and yy values, and we observe that total modular exponentiation is fast, then we can conclude bit bb is zero, and vice versa. One advantageous aspect of this algorithm is that wrong steps are pretty simple to detect statistically; once a wrong bit is guessed, future timings will have greater variances. Keeping track of guesses and their probabilities reduces the number of samples needed. Using this technique results in an attack where the number of samples needed is proportional to the size ww of the key.

    This attack is then put to the test against RSAREF. The attack is slightly modified, because RSAREF precomputes y2y^2 and y3y^3 to process two exponent bits at a time, cutting the number of loop iterations in half. So the attack needs to work with four candidates at a time (xb1xb0,12x_{b-1}x_b \in {0, 1}^2), instead of two. However, using this attack, correct guesses at each exponent bit are correct with probability 0.885, and it is therefore extremely effective.

    A discussion follows about Montgomery Multiplication, CRT, and DSS. In each of these, the author lays out a hand-wavy explanation of how the same style of attack may be theoretically possible, albiet more difficult, in these scenarios.

    The defense

    The author explains that the initial obvious solutions, e.g. adding random delays or always computing the multiplication steps instead of branching, don't actually work. Random delays just requires a larger sample size. Always computing the (sby)mod  n(s_b \cdot y) \mod n calculation doesn't solve the problem either, since the next squaring step still depends on xbx_b, and is therefore still subject to timing attacks.

    A better solution is to use blinding. Essentially, a secret masking pair (vi,vfv_i, v_f) is chosen based on xx and nn. The input message gets multiplied by vimod  nv_i \mod n before going through the modular exponentiation function, and then it is corrected afterwards by multiplying the output by vfmod  nv_f \mod n. This way, the attacker doesn't know the input to the modular exponentiation function, so the attack above is not possible.