Elsevier

Computer Networks

Volume 48, Issue 5, 5 August 2005, Pages 701-716

Remote timing attacks are practical

https://doi.org/10.1016/j.comnet.2005.01.010

Abstract

Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network servers are practical and therefore security systems should defend against them.

Introduction

Timing attacks enable an attacker to extract secrets maintained in a security system by observing the time it takes the system to respond to various queries. For example, Kocher [11] designed a timing attack to expose secret keys used for RSA decryption. Until now, these attacks were only applied in the context of hardware security tokens such as smartcards [5], [11], [19]. It is generally believed that timing attacks cannot be used to attack general purpose servers, such as web servers, since decryption times are masked by many concurrent processes running on the system. It is also believed that common implementations of RSA (using Chinese Remainder and Montgomery reductions) are not vulnerable to timing attacks.

We challenge both assumptions by developing a remote timing attack against OpenSSL [16], an SSL library commonly used in web servers and other SSL applications. Our attack client measures the time an OpenSSL server takes to respond to decryption queries. The client is able to extract the private key stored on the server. The attack applies in several environments.

Network. We successfully mounted our timing attack between two machines on our campus network. The attacking machine and the server were in different buildings with three routers and multiple switches between them. With this setup we were able to extract the SSL private key from common SSL applications such as a web server (Apache + mod_SSL) and an SSL tunnel.

Interprocess. We successfully mounted the attack between two processes running on the same machine. A hosting center that hosts two domains on the same machine might give management access to the admins of each domain. Since both domains are hosted on the same machine, one admin could use the attack to extract the secret key belonging to the other domain.

Virtual machines. A Virtual Machine Monitor (VMM) is often used to enforce isolation between two virtual machines (VMs) running on the same processor. One could protect an RSA private key by storing it in one VM and enabling other VMs to make decryption queries. For example, a web server could run in one VM while the private key is stored in a separate VM. This is a natural way of protecting secret keys since a break-in into the web server VM does not expose the private key. Our results show that when using OpenSSL the network server VM can extract the RSA private key from the secure VM, thus invalidating the isolation provided by the VMM. This is especially relevant to VMM projects such as Microsoft’s NGSCB architecture (formerly Palladium). We also note that NGSCB enables an application to ask the VMM (aka Nexus) to decrypt (aka unseal) application data. The application could expose the VMM’s secret key by measuring the time the VMM takes to respond to such requests.

Many crypto libraries completely ignore the timing attack and have no defenses implemented to prevent it. For example, libgcrypt [15] (used in GNUTLS and GPG) and Cryptlib [6] do not defend against timing attacks. OpenSSL 0.9.7 implements a defense against the timing attack as an option. However, common applications such as mod_SSL, the Apache SSL module, do not enable this option and are therefore vulnerable to the attack. These examples show that timing attacks are a largely ignored vulnerability in many crypto implementations. We hope the results of this paper will help convince developers to implement proper defenses (see Section 6). Interestingly, Mozilla’s NSS crypto library properly defends against the timing attack. We note that most crypto acceleration cards also implement defenses against the timing attack. Consequently, network servers using these accelerator cards are not vulnerable.

We chose to tailor our timing attack to OpenSSL since it is the most widely used open source SSL library. The OpenSSL implementation of RSA is highly optimized using Chinese Remainder, Sliding Windows, Montgomery multiplication, and Karatsuba’s algorithm. These optimizations cause both known timing attacks on RSA [11], [19] to fail in practice.

Consequently, we had to devise a new timing attack based on [22], [23], [19], [20], [21] that is able to extract the private key from an OpenSSL-based server. As we will see, the performance of our attack varies with the exact environment in which it is applied. Even the exact compiler optimizations used to compile OpenSSL can make a big difference.

In Sections 2 and 3 we describe OpenSSL’s implementation of RSA and the timing attack on OpenSSL. In Section 4 we discuss how these attacks apply to SSL. In Section 5 we describe the actual experiments we carried out. We show that using about a million queries we can remotely extract a 1024-bit RSA private key from an OpenSSL 0.9.7 server. The attack takes about two hours. Section 6 discusses defenses against timing attacks.

Timing attacks are related to a class of attacks called side-channel attacks. These include power analysis [10] and attacks based on electromagnetic radiation [17]. Unlike the timing attack, these extended side channel attacks require special equipment and often physical access to the machine. In this paper we only focus on the timing attack. We also note that our attack targets the implementation of RSA decryption in OpenSSL. Our timing attack does not depend upon the RSA padding used in SSL and TLS.

Section snippets

OpenSSL’s implementation of RSA

We begin by reviewing how OpenSSL implements RSA decryption. We only review the details needed for our attack. OpenSSL closely follows algorithms described in the Handbook of Applied Cryptography [12], where more information is available.

A timing attack on OpenSSL

Our attack exposes the factorization of the RSA modulus. We combine Schindler’s attack on extra Montgomery reductions with a new attack targeting the multiplication routines. Let N = pq with q < p. We build approximations to q that get progressively closer as the attack proceeds. We call these approximations guesses. We refine our guess by learning bits of q one at a time, from most significant to least. Thus, our attack can be viewed as a binary search for q. After recovering the half-most

Real-world scenarios

As mentioned in the introduction there are a number of scenarios where the timing attack applies to networked servers. We discuss an attack on SSL applications, such as stunnel [24] and an Apache web server with mod_SSL [13], and an attack on trusted computing projects such as Microsoft’s NGSCB (formerly Palladium).

During a standard full SSL handshake the SSL server performs an RSA decryption using its private key. The SSL server decryption takes place after receiving the client-key-exchange

Experiments

We performed a series of experiments to demonstrate the effectiveness of our attack on OpenSSL. In each case we show the factorization of the RSA modulus N is vulnerable. We show that a number of factors affect the efficiency of our timing attack.

Our experiments consisted of:

  1. Test the effects of increasing the number of decryption requests, both for the same ciphertext and a neighborhood of ciphertexts.
  2. Compare the effectiveness of the attack based upon different keys.
  3. Compare the effectiveness of

Defenses

We discuss three possible defenses. The most widely accepted defense against timing attacks is to perform RSA blinding. The RSA blinding operation calculates x = r^e · g mod N before decryption, where r is random, e is the RSA encryption exponent, and g is the ciphertext to be decrypted. x is then decrypted as normal, followed by division by r, i.e. x^d / r mod N. Since r is random, x is random and timing the decryption should not reveal information about the key. Note that r should be a new random number
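The blinding steps described above, carried out in Python on a constructed toy key as an added example (this is not code from the paper or from OpenSSL); the primes, the test message and the function names are assumptions made for the illustration.

```python
from math import gcd
import secrets

# Constructed toy RSA key for illustration only; real keys are 2048 bits or more.
P, Q = 1000003, 1000033            # small primes, chosen for the example
N = P * Q
E = 65537                          # public (encryption) exponent e
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent d (Python 3.8+ modular inverse)


def rsa_decrypt_plain(g):
    """Unblinded decryption g^d mod N: the exponentiated operand is the
    attacker-chosen ciphertext g, which is what the timing attack exploits."""
    return pow(g, D, N)


def fresh_blinding_factor():
    """Pick a new random r in [2, N-2] that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 3) + 2
        if gcd(r, N) == 1:
            return r


def rsa_decrypt_blinded(g, r=None):
    """RSA blinding as in the Defenses section:
       x = r^e * g mod N  (blind), y = x^d mod N (decrypt as normal),
       m = y / r mod N    (unblind).  Returns (m, r) so a caller can
       check that a different r was used for each decryption."""
    if r is None:
        r = fresh_blinding_factor()
    x = (pow(r, E, N) * g) % N      # the value actually exponentiated is random
    y = pow(x, D, N)                # = r * g^d mod N, since r^(ed) = r mod N
    m = (y * pow(r, -1, N)) % N     # divide by r to recover g^d mod N
    return m, r


if __name__ == "__main__":
    m = 123456789 % N               # constructed test message
    g = pow(m, E, N)                # encrypt with the public key
    assert rsa_decrypt_plain(g) == m
    m1, r1 = rsa_decrypt_blinded(g)
    m2, r2 = rsa_decrypt_blinded(g)
    assert m1 == m2 == m and r1 != r2   # same plaintext, fresh r each call
    print("blinded decryption correct; fresh r per call:", r1 != r2)
```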

Conclusion

We devised and implemented a timing attack against OpenSSL—a library commonly used in web servers and other SSL applications. Our experiments show that, counter to current belief, the timing attack is effective when carried out between machines separated by multiple routers. Similarly, the timing attack is effective between two processes on the same machine and two Virtual Machines on the same computer. As a result of this work, several crypto libraries, including OpenSSL, now implement

Acknowledgement

This material is based upon work supported in part by the National Science Foundation under grant no. 0121481 and the Packard Foundation. We thank the reviewers, Dr. Monica Lam, Ramesh Chandra, Constantine Sapuntzakis, Wei Dai, Art Manion and CERT/CC, and Dr. Werner Schindler for their comments while preparing this paper. We also thank Nelson Bolyard, Geoff Thorpe, Ben Laurie, Dr. Stephen Henson, Richard Levitte, and the rest of the OpenSSL, mod_SSL, and stunnel development teams for their help

David Brumley is a PhD student at Carnegie Mellon University. He is primarily interested in software security and cryptography.

References (24)

  • M. Blaze, Simple UNIX time quantization package, Available from...
  • D. Boneh et al., On the importance of checking cryptographic protocols for faults
  • D. Coppersmith, Small solutions to polynomial equations, and low exponent RSA vulnerabilities, Journal of Cryptology (1997)
  • S.A. Crosby, D.S. Wallach, Opportunities and limits of remote timing attacks,...
  • J.-F. Dhem, F. Koeune, P.-A. Leroux, P. Mestre, J.-J. Quisquater, J.-L. Willems, A practical implementation of the...
  • P. Gutmann, Cryptlib, Available from...
  • Intel, VTune performance analyzer for Linux v1.1, Available from...
  • Intel, Using the RDTSC instruction for performance monitoring, Technical report, Intel,...
  • Intel, IA-32 Intel architecture optimization reference manual, Technical report 248966-008, Intel,...
  • P. Kocher, J. Jaffe, B. Jun, Differential power analysis: Leaking secrets, in: Crypto 99, 1999, pp....
  • P. Kocher, Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems
  • A. Menezes et al., Handbook of applied cryptography (1996)

Dan Boneh heads the applied crypto group at the Computer Science department at Stanford University. Dr. Boneh’s research focuses on applications of cryptography to computer security. He is the author of over 60 technical publications in the field. Dr. Boneh’s work includes e-mail security, security for handheld devices and web servers, digital copyright protection, and cryptanalysis. He is a recipient of the Packard Award, the Alfred P. Sloan Award, and the Terman Award.
