Timing Attack is a form of #Side-Channel Attack which analyse the time taken to execute a decryption #algorithm to guess the size of an operand or any critical cryptographic information.
Timing Attack
- Side-Channel Attack
-
Rivest-Shamir-Adleman (RSA)
However, using the above algorithm, primarily the decryption part, is exposed to possible Timing Attack# and CCA#. Several ways of Avoiding Timing Attack on RSA# could be done to the algorithm in order to avoid or decrease the efficiency from timing.
The security of RSA is guarantee by its Trapdoor One-Way Function# nature as primes \(p\) and \(q\) are only known to the key owner. It is impossible to do a Brute Force Attack on RSA due to the large key size. Other Cryptanalytic Attack such as mathematical attack based on difficulty of computing \(\phi(n)\), by factoring modulus \(n\) (can be overcome by having a larger \(n\)), timing attacks# on decryption algorithm, and chosen ciphertext attacks (CCA) can be done on RSA.
-
Data Encryption Standard (DES)
DES encrypts 64-bit of data using 56-bit key, which has been criticised of having poor security due to the small key size, making it vulnerable to possible Brute Force Attack. Analytic Attacks are possible to crack DES. Other than that, smart-card implementation of DES is susceptible to Timing Attack.
-
Avoiding Timing Attack on RSA
#Timing Attack invented by Paul Kocher exploits the variations in the #Rivest-Shamir-Adleman (RSA) operations. It explores the possible operand size based on the time taken for each exponentiation done in decryption algorithm.