• DocumentCode
    3391725
  • Title

    Timing attacks against trusted path

  • Author

    Trostle, Jonathan T.

  • fYear
    1998
  • fDate
    3-6 May 1998
  • Firstpage
    125
  • Lastpage
    134
  • Abstract
    Presents new attacks against a user workstation´s trusted path mechanism. These timing attacks can cause a user´s password to leak bits. The timing attacks can then be combined with network authentication protocol brute-force attacks against the remainder of the key space to obtain the user´s password. We present several countermeasures against this attack. We also define a property of user systems (workstations) called Trojan horse non-persistence. Workstations that fail to have this properly are more vulnerable to the timing attack and other Trojan horse attacks
  • Keywords
    authorisation; computer viruses; message authentication; timing; workstations; Trojan horse nonpersistence; bit leaking; countermeasures; key space; network authentication protocol brute-force attacks; timing attacks; trusted path mechanism; user password; user systems; user workstation; Access control; Authentication; Cryptographic protocols; Horses; Invasive software; Java; Timing; Web pages; Workstations; World Wide Web;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 1998. Proceedings. 1998 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • ISSN
    1081-6011
  • Print_ISBN
    0-8186-8386-4
  • Type

    conf

  • DOI
    10.1109/SECPRI.1998.674829
  • Filename
    674829
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3391725