Timing Attack - Concept

Concept

A timing attack is an example of an attack that exploits the data-dependent behavioral characteristics of the implementation of an algorithm rather than the mathematical properties of the algorithm itself.

Many cryptographic algorithms can be implemented (or masked by a proxy) in a way that reduces or eliminates data dependent timing information: consider an implementation in which every call to a subroutine always returns in exactly x seconds, where x is the maximum time it ever takes to execute that routine on every possible authorised input. In such an implementation, the timing of the algorithm leaks no information about the data supplied to that invocation. The down side of this approach is that the time to execute many invocations increases from the average performance of the function to the worst case performance of the function.

Timing attacks are practical in many cases:

• Timing attacks can be applied to any algorithm that has data-dependent timing variation. Software run on a CPU with a data cache will exhibit data-dependent timing variations as a result of memory looks into the cache. Some operations, such as multiplication may have varied execution time depending on the inputs. Removing timing-dependencies is difficult in some algorithms that use low-level operations that frequently exhibit varied execution time.
• Finding secrets through timing information may be significantly easier than using cryptanalysis of known plaintext, ciphertext pairs. Sometimes timing information is combined with cryptanalysis to improve the rate of information leakage.