The H reports
on a successful timing attack against the Elliptic Curve digital signature
algorithm in OpenSSL:
For their tests, the researchers set up
an SSL server with OpenSSL and measured the time it took to create a
digital signature using Elliptic Curve DSA
(ECDSA). This allowed them to
calculate the server's secret key. When establishing an SSL connection via
the local loopback interface, they managed to do this almost
instantaneously. While packet transfer times on a local network caused
measurement uncertainties, these uncertainties could be compensated for
with some further calculations.
Overall, the attack described in Remote Timing Attacks are Still Practical [PDF]
also proved feasible over a network.
No working countermeasures have so far been found; the US-CERT advises that
ECDSA should no longer be used for digital signatures. To prevent this type
of attack, the researchers recommend implementing time-independent
functions for operations on elliptic curves.
to post comments)