Subscribe via feed.

Remote timing attacks are practical

Posted by deepquest on March 18, 2003 – 6:42 pm

Specifically, we devise a timing attack against OpenSSL. The experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network.

Results demonstrate that timing attacks against network servers are practical and therefore all security systems should defend against them.

Full paper [url=http://crypto.stanford.edu/~dabo/papers/ssl-timing.ps]PS[/url] or [url=http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf]PDF[/url]. Here’s a local copy in PDF format:[url=https://deepquest.code511.com/blog/images/uploads/txt/ssl-timing.pdf]ssl-timing.pdf[/url]


This post is under “Security” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.