Learning Centre

Cache Timing Attacks on Public Key Encryption

 |  Login

Show simple item record

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Tischhauser, Elmar
dc.contributor.author Heikal, Mohamed
dc.date.accessioned 2017-09-04T10:32:20Z
dc.date.available 2017-09-04T10:32:20Z
dc.date.issued 2017-08-28
dc.identifier.uri https://aaltodoc.aalto.fi/handle/123456789/27907
dc.description.abstract The rise of cloud computing has made it a lot easier for attackers to be able to run code on the same processors as their target. This has made many attacks more viable. This thesis discusses a cache timing attack targeting the LibTomMath library. LibTom-Math is a mathematical library for computations using large integers. The library is used in some cryptographic libraries such the commercial solution WolfCrypt. The attack mainly focuses on the modular exponentiation function of LibTom-Math which is a major part of RSA implementations. The aim of the attack is to use cache timing in order to extract the long term private key used by the server for encrypting communications. Recovering the private key, gives the attacker access to past and future communications secured using this key, which usually has a lifespan of at least one year. The attack only requires that it shares a processor with the victim and works even if the attack process and the victim process are running on different Virtual Machines. The thesis includes a description of the RSA cipher as well as the various optimizations that are used in a lot of cryptographic libraries. Next, it describes how to use cache timing to exploit some of those optimizations in order to gain information about the secret exponent based on the memory access patterns of the target code. Finally, it discusses the limitations of the attack as well as how cloud service providers, cryptographic library developers, as well as processor manufacturers, may be able to mitigate this class of attacks. en
dc.format.extent 104
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.title Cache Timing Attacks on Public Key Encryption en
dc.type G2 Pro gradu, diplomityö fi
dc.contributor.school Perustieteiden korkeakoulu fi
dc.subject.keyword cryptography en
dc.subject.keyword cryptanalysis en
dc.subject.keyword RSA en
dc.subject.keyword cache timing en
dc.identifier.urn URN:NBN:fi:aalto-201709046806
dc.programme.major Security and Mobile Computing fi
dc.programme.mcode T3011 fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Diplomityö fi
dc.contributor.supervisor Ylä-Jääski, Antti
dc.programme Master's Degree Programme in Security and Mobile Computing (NordSecMob) fi
local.aalto.electroniconly yes
local.aalto.openaccess yes

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search archive

Advanced Search

article-iconSubmit a publication