Abstract
We study the vulnerability of several implementations of the Data Encryption Standard (DES) cryptosystem under a timing attack. A timing attack is a method designed to break cryptographic systems that was recently proposed by Paul Kocher. It exploits the engineering aspects involved in the implementation of cryptosystems and might succeed even against cryptosystems that remain impervious to sophisticated cryptanalytic techniques. A timing attack is, essentially, a way of obtaining some user's private information by carefully measuring the time it takes the user to carry out cryptographic operations.
In this work we analyze two implementations of DES. We show that a timing attack yields the Hamming weight of the key used by both DES implementations. Moreover, the attack is computationally inexpensive. We also show that all the design characteristics of the target system, necessary to carry out the timing attack, can be inferred from timing measurements. To the best of our knowledge this work is the first one that shows that symmetric cryptosystems are vulnerable to timing attacks.
Partially supported by FONDECYT No. 1960849, Fundación Andes, and FONDAP in Applied Mathematics 1997.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
Data encryption standard (DES), 1977. National Bureau of Standards FIPS Publication 46.
E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology, 4:3–72, 1991.
E. Biham and A. Shamir. Differential cryptanalysis of the full 16-round DES. In E. F. Brickell, editor, Advances in Cryptology — CRYPTO'92, number 740 in Lecture Notes in Computer Science, pages 494–502, Santa Barbara, California, 1993. Springer-Verlag.
E. Biham and A. Shamir. Differential fault analysis of secret key cryptosystems. Technical Report CS0910, Technion, Computer Science Department, 1997.
D. Boneh, R. A. Demillo, and R. J. Lipton. On the importance of checking cryptographic protocols for faults. In Advances in Cryptology — EUROCRYPT'97, Lecture Notes in Computer Science, pages 37–51. Springer-Verlag, 1997.
D. Chaum. Blind signatures for untraceable payments. In D. Chaum, R. L. Rivest, and A. T. Sherman, editors, Advances in Cryptology — CRYPTO'82, pages 199–203, Santa Barbara, California, 1983. Plenum Press.
W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, IT-22(6):644–654, Nov 1976.
E. English and S. Hamilton. Network security under siege. The timing attack. Computer, 30(5), March 1996.
W. Feller. An introduction to probability theory and its applications, volume I & II. John Wiley & Sons, Inc., 1966. second printing.
J. S. A. Kapp. RSAEuro: A cryptographic toolkit, 1996. Version 1.04 Internet Release Distribution.
P. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In N. Koblitz, editor, Advances in Cryptology — CRYPTO'96, number 1109 in Lecture Notes in Computer Science, pages 104–113, Santa Barbara, California, 1996. Springer-Verlag.
A. Louko. DES package, 1992. Version 2.1, (available via FTP from kampi.hut.fi).
J. Markoff. Potential flaw seen in cash card security, September 26 1996. New York Times.
M. Matsui. The first experimental cryptanalysis of the data encryption standard. In Y. G. Desmedt, editor, Advances in Cryptology — CRYPTO'94, number 839 in Lecture Notes in Computer Science, pages 1–11, Santa Barbara, California, 1994. Springer-Verlag.
M. Matsui. Linear cryptanalysis method for DES cipher. In T. Helleseth, editor, Advances in Cryptology — EUROCRYPT'93, number 765 in Lecture Notes in Computer Science, pages 386–897, Lofthus, Norway, 1994. Springer-Verlag.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press, first edition, 1997.
R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Comm. of the ACM, 21:120–126, 1978.
S. Ross. A first course in probability. Macmillan Pub. Comp., third edition, 1988.
B. Schneier. Applied Cryptography: Protocols, algorithms and source code in C. John Wiley & Sons, Inc., second edition, 1996.
D. R. Stinson. Cryptography, Theory and Practice. CRC Press, first edition, 1995.
S. Zacks. The theory of statistical inference. John Wiley & Sons, Inc., 1971.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hevia, A., Kiwi, M. (1998). Strength of two Data Encryption Standard implementations under timing attacks. In: Lucchesi, C.L., Moura, A.V. (eds) LATIN'98: Theoretical Informatics. LATIN 1998. Lecture Notes in Computer Science, vol 1380. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054321
Download citation
DOI: https://doi.org/10.1007/BFb0054321
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64275-6
Online ISBN: 978-3-540-69715-2
eBook Packages: Springer Book Archive