Timing attack beats cryptographic keys

To foil eavesdroppers, banks and other businesses handling electronic transactions have turned to various forms of cryptography to scramble and hide sensitive information. Now, a researcher has identified a potentially serious vulnerability in certain widely used cryptosystems. This flaw may threaten the security of encrypted data transfers across computer networks.

Cryptography expert Paul C. Kocher, an independent digital security consultant in Stanford, Calif., posted his findings this week on the Internet. "The general idea of the attack is that secret keys can be found by measuring the amount of time used to process messages," he says.

Kocher's approach applies to public-key cryptosystems. In such schemes, each person gets a pair of keys, or sets of numbers used in a computer program for encrypting and decrypting messages. One key is published openly, so anyone can use it to encrypt a message. But only the recipient knows the corresponding private key needed to unscramble it.

Kocher discovered that these cryptosystems often take slightly different amounts of time to decrypt different messages, because the work done by the private-key operation depends on both the bits of the key and the message being processed. By surreptitiously measuring the duration of many such operations, an attacker can accumulate enough data to deduce the private key and read the confidential information. "The attacks are particularly alarming because they often require only known ciphertext, work even if timing measurements are somewhat inaccurate, are computationally easy, and are difficult to detect," Kocher says.

"This is a real problem, especially for keys that stay around for a long time," says Peter G. Neumann of SRI International in Menlo Park, Calif.

Attacks that involve keeping track of how long operations take have been considered in the past, but they were of real interest only to such groups as the National Security Agency. The increasing use of public-key cryptography in commercial dealings on computer networks has now focused new attention on these concerns.

"You have to take it seriously," says Joan Feigenbaum of AT&T Bell Laboratories in Murray Hill, N.J. "But that doesn't mean this weakness is fatal." Researchers are already considering cryptographic schemes that take the same amount of time for all possible keys or use additional randomizing to disguise the time that operations require.

Kocher's report is posted on the World Wide Web at the address http://www.cryptography.com/.
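The attack the article describes, and the randomizing countermeasure it mentions, can be seen end to end in a small simulation. The following is an added example written for this page; it is not code from the article or from Kocher's report. Everything in it is a toy assumption: the 16-bit prime modulus N_MOD, the fixed private exponent D, a per-multiplication cost that depends on the operands (standing in for the data-dependent reduction work of a real implementation), and Gaussian noise added to the "measured" times in place of a stopwatch. The attacker recovers the private exponent one bit at a time, from the top, by simulating the time a key prefix plus a guessed bit would consume for each known ciphertext and keeping the guess that leaves the smallest unexplained variance in the measured times. The same attack is then run against a decryption that blinds its input with a secret random factor before exponentiating, which is the randomizing countermeasure the article alludes to.

```python
"""Toy reconstruction of Kocher's timing attack on modular exponentiation.

Constructed example for this page, not code from the article or from Kocher.
Assumptions: a 16-bit prime modulus, a fixed 16-bit private exponent, a toy
operand-dependent cost model standing in for a real implementation's
data-dependent reduction work, and Gaussian "measurement" noise.
"""
import random

N_MOD = 65521                  # toy prime modulus (real keys are far larger)
KEY_BITS = 16                  # toy private-exponent length
D = 44287                      # toy private exponent (top bit set, gcd(D, N_MOD-1) == 1)
PUB_E = pow(D, -1, N_MOD - 1)  # matching public exponent: (c^PUB_E)^D == c (mod N_MOD)


def mul_cost(x, y, n):
    """Time units charged for one modular multiplication: a base unit plus 0..3
    extra units decided by the operands. This models a data-dependent reduction
    step; the attack only needs the cost to be predictable from the operands."""
    return 1 + (((x * y) % n) & 3)


def square_and_multiply(base, exp, n, nbits, stop_bit=0):
    """Left-to-right square-and-multiply over exponent bits nbits-1 .. stop_bit.
    Returns (intermediate value, accumulated cost). The attacker uses stop_bit
    to simulate only the part of the computation that a key prefix determines."""
    acc, cost = 1, 0
    for i in range(nbits - 1, stop_bit - 1, -1):
        cost += mul_cost(acc, acc, n)
        acc = (acc * acc) % n
        if (exp >> i) & 1:
            cost += mul_cost(acc, base, n)
            acc = (acc * base) % n
    return acc, cost


def decrypt_timed(c, d, n, rng=None, blind_e=None):
    """Victim's private-key operation: returns (c^d mod n, cost in time units).
    With blind_e set, the randomizing countermeasure is applied (RSA-style
    blinding): the exponentiation runs on c * r^e for a secret random r, so the
    attacker can no longer simulate the intermediate values."""
    rng = rng or random
    if blind_e is None:
        return square_and_multiply(c, d, n, KEY_BITS)
    r = rng.randrange(2, n - 1)
    x, cost = square_and_multiply((c * pow(r, blind_e, n)) % n, d, n, KEY_BITS)
    return (x * pow(r, -1, n)) % n, cost      # strip the blinding factor r


def collect(d, n, count, noise_sd, seed, blind_e=None):
    """Attacker's view: `count` known ciphertexts and the noisy time each
    decryption took. Constructed here; a real attacker would use a stopwatch."""
    rng = random.Random(seed)
    samples = []
    for _ in range(count):
        c = rng.randrange(2, n - 1)
        _, cost = decrypt_timed(c, d, n, rng, blind_e)
        samples.append((c, cost + rng.gauss(0, noise_sd)))
    return samples


def variance(xs):
    mean = sum(xs) / len(xs)
    return sum((x - mean) ** 2 for x in xs) / len(xs)


def recover_exponent(samples, n, nbits):
    """Kocher's attack, one key bit at a time from the top. For each guess the
    attacker simulates the time the known prefix plus the guessed bit would
    consume for every ciphertext and subtracts it from the measured time. For
    the correct guess the remainder is just the unknown rest of the computation
    plus noise; a wrong guess leaves an extra operand-dependent term in the
    remainder, so its variance is larger. Assumes nbits is known (top bit 1)."""
    recovered = 1 << (nbits - 1)
    for i in range(nbits - 2, -1, -1):
        best_var, best_bit = None, 0
        for guess in (0, 1):
            cand = recovered | (guess << i)
            residuals = [t - square_and_multiply(c, cand, n, nbits, i)[1]
                         for c, t in samples]
            v = variance(residuals)
            if best_var is None or v < best_var:
                best_var, best_bit = v, guess
        recovered |= best_bit << i
    return recovered


def demo(count=3000, noise_sd=2.0, seed=1):
    """Run the attack against the unprotected and the blinded decryption."""
    plain = recover_exponent(collect(D, N_MOD, count, noise_sd, seed), N_MOD, KEY_BITS)
    blinded = recover_exponent(collect(D, N_MOD, count, noise_sd, seed, PUB_E), N_MOD, KEY_BITS)
    return {"true_key": D, "unblinded_guess": plain, "blinded_guess": blinded}


if __name__ == "__main__":
    print(demo())
```

Running the file prints the true exponent, the exponent recovered from the unprotected decryption (equal to it), and the value recovered from the blinded decryption (unrelated to it). The noise level is chosen so that the per-operation timing variation is only a fraction of the measurement error, which is the property behind Kocher's remark that the attack tolerates inaccurate timing: the statistics accumulate over thousands of decryptions. Blinding defeats the attack not by removing the timing variation but by making the operands unpredictable, so the attacker's simulated partial times no longer correlate with anything that was measured; the other remedy the article names, an implementation whose running time does not depend on the key, would remove the variation itself.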