Cache-Timing Techniques: Exploiting the DSA Algorithm


dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Brumley, Billy
dc.contributor.author Pereida Garcia, Cesar
dc.date.accessioned 2016-08-26T09:02:16Z
dc.date.available 2016-08-26T09:02:16Z
dc.date.issued 2016-07-29
dc.description.abstract Side-channel information is any information leaked through unexpected channels due to the physical characteristics of a system that handles data. The memory cache can serve as such a side channel: side-channel information from executing processes can be leaked and exploited, leading to the recovery of secret data. Cache-based side-channel attacks are a serious threat to implementations of several cryptographic primitives, especially in shared libraries. This work explains some of the cache-timing techniques commonly used to exploit vulnerable software. Using a particular combination of these techniques and exploiting a vulnerability found in the implementation of the DSA signature scheme in the OpenSSL shared library, a cache-timing attack is performed against DSA's sliding-window exponentiation algorithm. The attack is then extended to show that cache-timing attacks are also possible against protocols that rely on the DSA signature scheme. SSH and TLS are attacked, leading to key recovery: 260 SSH-2 handshakes suffice to extract a 1024/160-bit DSA host key from an OpenSSH server, and 580 TLS 1.2 handshakes suffice to extract a 2048/256-bit DSA key from a stunnel server. en
dc.format.extent 70 + 8
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.title Cache-Timing Techniques: Exploiting the DSA Algorithm en
dc.type G2 Pro gradu, diplomityö fi Perustieteiden korkeakoulu fi
dc.subject.keyword applied cryptography en
dc.subject.keyword cache-timing attacks en
dc.subject.keyword side-channel analysis en
dc.subject.keyword digital signatures en
dc.subject.keyword DSA en
dc.subject.keyword OpenSSL en
dc.identifier.urn URN:NBN:fi:aalto-201608263035
dc.programme.major Mobile Computing, Services and Security en
dc.programme.mcode SCI3071 fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Diplomityö fi
dc.contributor.supervisor Asokan, N.
dc.programme Master's Degree Programme in Security and Mobile Computing (NordSecMob) fi
