Timing Attack is a Side Channel Attack related to variance in execution time of a cryptographic algorithm based upon different keys or plain text.


[ Ссылка ]
[ Ссылка ]

[ Ссылка ]

Side Channel attacks are related to implementation flaws in a cryptographic algorithm and in this video I will discuss a special type of side Channel attack that is the timing attack and I will give an introduction of this timing attack then it's working and certain countermeasures

Timing attacks are related to how long a cryptographic operation takes to complete
so this is easier than using the crypto analysis or brute forcing
furthermore it can also assist and ease in Crypt analysis

Working of timing Attacks
an attacker analyze the time taken to execute a cryptographic algorithm so he observes the variances in computational time based upon the provided input
for example, the time to encrypt or decrypt may vary depending upon the different keys or different plain texts because based upon different keys or different plain texts, certain conditional branches are activated
furthermore the memory accesses may also vary, depending upon the provided input which can further create variations in the execution time of an algorithm so therefore an attacker can work backward from output that is the ciphertext to towards the input that is towards plain text or key
and now these timing flaws are introduced due to a compiler optimization

Counter measures
A constant time functions will make the execution time of an algorithm a constant irrespective of provided input that is the plain text or the key, therefore attacker will not be able to observe or to detect any variant sales
furthermore, the final executable code should be tested comprehensively

свернуть