Side channel attacks books/references

on 06.02.2006 10:40:44 by Rohit

Hi,

Can anybody suggest some good books/references on Side Channel Attacks
(timing attacks in specific)?

I need to focus on cache timing attacks (specifically on the
cryptography algorithms that use SBox, like AES etc.)

Any useful books/articles suggestions are welcome.


Rohit

Re: Side channel attacks books/references

on 06.02.2006 10:44:30 by Volker Birk

rohit wrote:
> Can anybody suggest some good books/references on Side Channel Attacks

What's with using a searching machine? Did you really try?

http://www.google.de/search?q=Side+Channel+Attacks gives me a lot
of information and sensible papers about that topic.

> (Timing attacks in specific)

Yes.

Yours,
VB.
--
> what if $BACKUPSERVER and $PRODUKTIVSERVER are in the same building, floor
> or server room and the fire suppression system (malfunction or actual fire)
> destroys the entire IT
Murphy meets Darwin. (Timm Thiemann to Thomas Wildgruber in d.a.s.r)

Re: Side channel attacks books/references

on 06.02.2006 10:59:36 by Rohit

Hi VB,

Yes, I tried and found several papers on Side-Channel Attacks, but
frankly telling, I was searching for a book/reference that can at least
describe how to carry out an attack (say, a timing attack).

I read DJB's paper, his timing attack against the AES. I required an
elaborated attack stuff kind of material.

Rohit

Re: Side channel attacks books/references

on 06.02.2006 11:45:53 by Volker Birk

rohit wrote:
> Yes, I tried and found several papers on Side-Channel Attacks, but
> frankly telling, I was searching for a book/reference that can at least
> describe how to carry out an attack (say, a timing attack).
> I read DJB's paper, his timing attack against the AES. I required an
> elaborated attack stuff kind of material.

Hm... already in the very first hit,
http://www.hbarel.com/publications/Introduction_To_Side_Channel_Attacks.pdf
I find any information you need to implement attack code on a specific
implementation, if you know this implementation.

And in the references you'll find at position 2 a paper by Paul C. Kocher
with sample code.

Do you understand the basic idea behind timing attacks?

Yours,
VB.

Re: Side channel attacks books/references

on 06.02.2006 12:25:22 by Rohit

I understand the basic idea behind the timing attacks, and this is the
reason I need to study in detail.
I want to know:
How timing attacks are carried out. (How DJB carried out the same for
retrieving the secret key from the AES implementation of OpenSSL)
and finding material corresponding to the same.

Rohit

Re: Side channel attacks books/references

on 06.02.2006 13:20:31 by Volker Birk

rohit wrote:
> I understand the basic idea behind the timing attacks, and this is the
> reason I need to study in detail.
> I want to know:
> How timing attacks are carried out. (How DJB carried out the same for
> retrieving the secret key from the AES implementation of OpenSSL)
> and finding material corresponding to the same.

Hm... are you able to understand programming, and to analyze
implementations?

I really don't understand your question. Any information you'll need is
here already.

Could you please ask a detailed question? Maybe I can help. Maybe others
can help here.

Yours,
VB.

Re: Side channel attacks books/references

on 07.02.2006 05:14:48 by Rohit

Actually, I was searching for a book/reference that can provide
various ways of side-channel attacks that can be made against various
cryptographic algorithms. In specific, to start with, I thought to
replicate DJB's timing attack. And then later on improve/enhance
upon his attack.

My overall purpose behind this is to prepare a detailed report
detailing successful timing attacks that can be carried out against
an AES implementation in a very practical scenario.

I hope you understand my requirement now.

Rohit

Re: Side channel attacks books/references

on 07.02.2006 09:13:21 by Volker Birk

rohit wrote:
> Actually, I was searching for a book/reference that can provide
> various ways of side-channel attacks that can be made against various
> cryptographic algorithms. In specific, to start with, I thought to
> replicate DJB's timing attack. And then later on improve/enhance
> upon his attack.
> My overall purpose behind this is to prepare a detailed report
> detailing successful timing attacks that can be carried out against
> an AES implementation in a very practical scenario.

Timing attacks are not only dependent on algorithms, but on different
implementations (for obvious reasons).

So you have to measure every implementation you're attacking yourself,
and to create the needed statistics. Then you can attack, and later
report about attacking.

Yours,
VB.
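Added example, not part of the thread and not code from Bernstein's or Kocher's papers: one way to build the "needed statistics" mentioned in the reply above when checking your own implementation is a fixed-versus-random leakage test, where timings for one fixed input and for random inputs are compared with Welch's t-test. The timing samples below are constructed stand-ins for measured cycle counts, and the 4.5 cutoff is an assumed, commonly used threshold.

```python
import math
import random
import statistics

T_THRESHOLD = 4.5  # assumed cutoff: |t| above this means timing depends on input class


def crop(samples, keep=0.95):
    """Drop the slowest tail (interrupts, context switches) before testing."""
    ordered = sorted(samples)
    return ordered[: max(2, int(len(ordered) * keep))]


def welch_t(a, b):
    """Welch's t statistic for two samples with unequal variances."""
    spread = statistics.variance(a) / len(a) + statistics.variance(b) / len(b)
    diff = statistics.fmean(a) - statistics.fmean(b)
    if spread == 0:  # both classes perfectly constant
        return 0.0 if diff == 0 else math.copysign(math.inf, diff)
    return diff / math.sqrt(spread)


def assess(fixed_class, random_class):
    """Return (t, leaks) for timings of a fixed input vs. random inputs."""
    t = welch_t(crop(fixed_class), crop(random_class))
    return t, abs(t) > T_THRESHOLD


def constructed_timings(rng, n, mean, sd):
    """Constructed sample data standing in for measured cycle counts."""
    return [rng.gauss(mean, sd) for _ in range(n)]


def demo():
    rng = random.Random(2006)
    # Implementation A: timing is independent of the input class.
    a = assess(constructed_timings(rng, 2000, 1500, 20),
               constructed_timings(rng, 2000, 1500, 20))
    # Implementation B: the fixed input runs about 12 cycles faster,
    # as a data-dependent table lookup hitting warm cache lines would.
    b = assess(constructed_timings(rng, 2000, 1488, 20),
               constructed_timings(rng, 2000, 1500, 20))
    return a, b


if __name__ == "__main__":
    for name, (t, leaks) in zip("AB", demo()):
        print(f"implementation {name}: t = {t:+.2f}, input-dependent timing: {leaks}")
```

Because the result depends on the implementation, compiler and CPU, the measurement has to be repeated for every build that ships; a constant-time implementation should stay below the threshold as the sample count grows.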

Re: Side channel attacks books/references

on 07.02.2006 09:38:08 by Rohit

Thanks VB, btw do you or anybody have original source code for DJB's?
This can be used as a starting point.

Rohit

Re: Side channel attacks books/references

on 07.02.2006 09:52:25 by Volker Birk

rohit wrote:
> Thanks VB, btw do you or anybody have original source code for DJB's?
> This can be used as a starting point.

His paper you'll find here:

http://cr.yp.to/antiforgery/cachetiming-20041111.pdf

Yours,
VB.