You are looking at a specific version 20160301:221414 of this paper.
See the latest version.
Paper 2016/224
CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
Yuval Yarom and Daniel Genkin and Nadia Heninger
Abstract
The scatter-gather technique is a commonly-implemented approach to prevent cache-based timing attacks. In this paper we show that scatter-gather is not constant-time. We implement a cache timing attack against the scatter-gather implementation used in the modular exponentiation routine in OpenSSL version 1.0.2f. Our attack exploits cache-bank conflicts on the Sandy Bridge microarchitecture. We have tested the attack on an Intel Xeon E5-2430 processor. For 4096-bit RSA our attack can fully recover the private key after observing 16,000 decryptions.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Preprint. MINOR revision.
- Keywords
- side-channel attackscache attackscryptographic implementationsconstant-timeRSA
- Contact author(s)
- yval @ cs adelaide edu au
- History
- 2016-03-01: received
- Short URL
- https://ia.cr/2016/224
- License
-
CC BY