Timing attacks and broader side-channel attacks
Side-channel attacks are threats that exploit unintended information leaks from cryptographic implementations, such as execution time, power consumption, or electromagnetic emissions. Such attacks target the physical or observable behaviors of systems rather than the underlying mathematical structure of cryptographic algorithms. By analyzing such leaks, attackers can infer sensitive information, including private keys, which can lead to unauthorized access, data breaches, and compromised authentication mechanisms.
Among side-channel attacks, timing attacks are particularly common, leveraging variations in execution time caused by cryptographic operations. Real-world risks include vulnerabilities in RSA, AES, DSA, ECDSA, and post-quantum algorithms like ML-KEM. Preventing these attacks is important, as improper implementation can undermine otherwise robust cryptographic designs. This document details the mechanisms behind these attacks and their potential impact, and outlines crucial countermeasures and implementation strategies to mitigate these vulnerabilities.
Introduction to side-channel attacks
Side-channel attacks target the unintended information leaks during cryptographic operations, which can compromise system security. While these attacks primarily focus on extracting secret keys, they can also target other sensitive information, such as plaintext messages. These vulnerabilities stem from implementation flaws, hardware design issues, or environmental factors, rather than weaknesses in the cryptographic algorithms themselves.
To better understand the nature of timing and side-channel attacks, and the techniques used to mitigate them, we will introduce a few key definitions.
| Term | Definition |
| --- | --- |
| Timing side-channel attacks | A timing side-channel is a vulnerability where an attacker can infer secret information by observing variations in how long a cryptographic operation takes to execute. For instance, if a program's execution time changes depending on a secret value, as in the example if (secret == x) then do_something(), an attacker can analyze the timing differences caused by that conditional branch to infer the secret value. |
| Power or EM side-channel attacks | A power or electromagnetic (EM) side-channel is a vulnerability where an attacker can infer secret data by observing physical emissions such as electromagnetic radiation or by measuring power consumption. As a simple illustration, during the operation c = a*b, power consumption or EM emissions may differ depending on whether b = 42 or b = 0, as setting a register to a non-zero value consumes slightly more power than leaving it at zero. These variations may correlate with the secret data, enabling attackers to extract sensitive information. |
| Countermeasures to timing attacks | Timing side-channels are mitigated with "constant-time programming" techniques. This approach involves implementing cryptographic algorithms in a way that ensures their execution time is independent of the specific values of secret data. It involves eliminating execution time variations caused by: The key is to ensure that all code paths execute in constant time, independent of the values of secret data, so that no timing differences leak information. While the term "constant-time" suggests uniform execution time, in this context it means that the execution time depends only on non-secret factors, such as the algorithm itself, the length of the input, and public parameters. |
| Countermeasures to power or EM side-channels | Mitigating power or EM side-channels involves extending the principles of constant-time programming to ensure that physical emissions, such as power consumption or electromagnetic radiation, are independent of the specific values of secret data. For instance, during the operation c = a*b, the power usage or EM emissions should remain identical regardless of whether b = 42 or b = 0. This is achieved through various techniques including masking, balancing operations, noise injection, and specialized hardware protections such as electromagnetic shielding. |
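As an added illustration (not code from the original page), the C below puts the leaky "if (secret == x)" comparison from the table beside a constant-time comparison, and adds a branch-free select that replaces a secret-dependent conditional; the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Leaky comparison: returns at the first mismatching byte, so the time
 * taken depends on how many leading bytes of the guess match the secret
 * (the "if (secret == x)" pattern from the table above). */
int leaky_equals(const uint8_t *secret, const uint8_t *guess, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (secret[i] != guess[i])
            return 0;          /* early exit: secret-dependent timing */
    }
    return 1;
}

/* Constant-time comparison: always touches every byte and folds the
 * differences together with OR, so there is no secret-dependent branch
 * or early exit. Running time depends only on len, which is public. */
int ct_equals(const uint8_t *secret, const uint8_t *guess, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= secret[i] ^ guess[i];
    /* Map diff == 0 -> 1 and diff != 0 -> 0 without branching:
     * (diff - 1) borrows into the top bit only when diff == 0. */
    return (int)((((uint32_t)diff - 1u) >> 31) & 1u);
}

/* Branch-free select: returns a when cond == 1, b when cond == 0.
 * Replaces "if (secret_bit) x = a; else x = b;" with mask arithmetic.
 * Compilers may still rewrite this as a branch at high optimisation
 * levels, so the emitted code should be checked with a constant-time
 * analysis tool rather than trusted on inspection of the source. */
uint32_t ct_select(uint32_t cond, uint32_t a, uint32_t b)
{
    uint32_t mask = 0u - (cond & 1u);   /* 0xFFFFFFFF or 0x00000000 */
    return (a & mask) | (b & ~mask);
}
```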
Implementations with known side-channel risks
Cryptographic implementations are inherently susceptible to side-channel attacks due to unintended information leakage during execution on commodity hardware. These vulnerabilities arise from implementation flaws, underlying hardware issues, or environmental factors, rather than weaknesses in the algorithms themselves. Side-channels, such as timing variations, power consumption patterns, or cache access patterns, can expose sensitive data even in implementations of otherwise secure algorithms.
Among these, timing attacks are particularly concerning because they can (in principle) be conducted remotely, without requiring physical access to the target device. In contrast, other side-channel attacks, such as those exploiting power consumption or electromagnetic emissions, typically require direct access to the hardware, such as a smart card or IoT device.
The following are examples of algorithms where side-channel vulnerabilities have been demonstrated:
- RSA: Timing leaks during modular exponentiation in decryption and signing operations, such as when using the square-and-multiply algorithm, can expose private keys in unprotected implementations. A landmark example is the attack described by Brumley and Boneh in Remote Timing Attacks are Practical. This was one of the first known remote side-channel attacks demonstrating the feasibility of exploiting timing vulnerabilities over a network.
- ECDSA: Timing variations during signature generation can be exploited to infer private keys. Specifically, the use of ephemeral keys ("k") can introduce timing vulnerabilities. For example, Brumley and Tuveri demonstrated remote timing attacks on ECDSA in OpenSSL in their paper, Remote Timing Attacks are Still Practical, using network-based measurements to recover private keys involved in server authentication during TLS handshakes. Real-world vulnerabilities include:
  - CVE-2011-1945, highlighting timing differences in ECDSA implementations.
  - CVE-2018-0495, where timing leaks in cryptographic libraries exposed private keys.
  Research such as LadderLeak further emphasizes the risks of timing leaks during scalar multiplication.
- AES: Cache timing attacks target table lookups during encryption to recover secret keys. Bernstein's Cache-Timing Attacks on AES demonstrated how attackers with local access could observe cache behavior to recover AES keys. Building on this, Cache Based Remote Timing Attack on the AES showed that such attacks are also feasible remotely, where attackers infer cache behavior over a network to extract AES keys.
- Kyber (ML-KEM): Post-quantum cryptographic algorithms, such as Kyber, are designed to resist attacks from quantum computers. However, research, including KyberSlash: Exploiting secret-dependent division timings in Kyber implementations, shows how attackers can use small timing differences during decryption to extract sensitive information, such as private keys.
- DSA: The Digital Signature Algorithm (DSA) is vulnerable to timing attacks if its implementation does not ensure constant-time operations. Real-world vulnerabilities include CVE-2016-1000341 and CVE-2018-0734, where improper handling of DSA signing exponentiation led to timing leaks that could expose private keys. Research such as Lattice Attacks on Digital Signature Schemes further underscores the risks of nonce leakage.
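The RSA and DSA entries above both come down to a secret-dependent branch in modular exponentiation. The C below is an added example, not code from the page or from any library it names: a textbook square-and-multiply with that branch, beside a Montgomery ladder that performs the same operation sequence for every exponent bit. Function names are hypothetical and the 64-bit modulus is for illustration only.

```c
#include <stdint.h>

/* Modular multiplication through a 128-bit intermediate (GCC/Clang
 * extension). The % itself compiles to a division, which is not
 * constant-time on most CPUs; real libraries use Montgomery
 * multiplication instead. This example isolates the exponent-bit leak. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m)
{
    return (uint64_t)(((unsigned __int128)a * b) % m);
}

/* Textbook square-and-multiply: the extra multiply runs only when the
 * current exponent bit is 1, so the branch pattern and the total running
 * time depend on the secret exponent (the RSA/DSA leak described above). */
uint64_t leaky_powmod(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t r = 1 % m;
    for (int i = 63; i >= 0; i--) {
        r = mulmod(r, r, m);            /* always square */
        if ((exp >> i) & 1)
            r = mulmod(r, base, m);     /* secret-dependent multiply */
    }
    return r;
}

/* Branch-free conditional swap driven by a mask derived from the bit. */
static void ct_swap(uint64_t *a, uint64_t *b, uint64_t bit)
{
    uint64_t mask = (uint64_t)0 - (bit & 1);  /* all ones if bit==1 */
    uint64_t t = (*a ^ *b) & mask;
    *a ^= t;
    *b ^= t;
}

/* Montgomery ladder: every iteration does exactly one squaring and one
 * multiplication whatever the bit is; the bit only steers ct_swap, so the
 * operation sequence is fixed by the (public) bit length, not the key. */
uint64_t ladder_powmod(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t r0 = 1 % m, r1 = base % m;   /* invariant: r1 == r0 * base */
    for (int i = 63; i >= 0; i--) {
        uint64_t bit = (exp >> i) & 1;
        ct_swap(&r0, &r1, bit);
        r1 = mulmod(r0, r1, m);
        r0 = mulmod(r0, r0, m);
        ct_swap(&r0, &r1, bit);
    }
    return r0;
}
```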
Severity of timing and side-channel attacks
The severity of timing and side-channel attacks depends on several factors, including the cryptographic algorithm in use, the attacker’s access level, and the type of information leaked. These attacks exploit weaknesses in implementation or hardware, making even theoretically secure systems vulnerable if proper safeguards against side-channel risks are not in place.
Often, these weaknesses are not known to experts at the time the implementation was developed, and in some cases, even hardware manufacturers may be unaware of vulnerabilities in their designs. This uncertainty amplifies the risk, as side-channel vulnerabilities can remain undetected for years before being exploited.
Key factors contributing to severity
The severity of timing and side-channel attacks is influenced by several key factors which collectively determine the potential risk and consequences of such attacks.
- Accessibility of the Attack: Timing and other side-channel attacks differ in their accessibility.
  - Remote attacks, such as those targeting RSA or ECDSA timing leaks, require minimal access and may be launched over a network.
  - Local attacks, like cache timing on AES or power analysis, usually require physical or even privileged access to the target device. While more challenging to execute, local attacks remain significant in specific contexts, such as cloud environments or smart card implementations.
- Complexity of Execution: The complexity of a timing or other side-channel attack varies based on the algorithm and the required level of precision. While some attacks demand extensive measurements or high-resolution timing tools, advancements in attack techniques, statistical methods, and automation have made many attacks, such as remote timing attacks on ECDSA, practical and relatively straightforward to execute.
- Impact of the Vulnerability: Attackers typically target private keys or secret keys, as these provide the greatest level of access to sensitive data and systems. For example, private key exposure allows attackers to decrypt sensitive information or impersonate users. In some cases, plaintext messages can also be targeted. Even attacks that learn only partial information about keys or plaintexts can have devastating consequences, depending on the context.
- Algorithm and Implementation Weaknesses: Algorithms relying on non-constant-time operations, such as modular exponentiation, scalar multiplication, or table lookups, are particularly prone to timing and side-channel attacks. While RSA, DSA, and ECDSA are known to exhibit such vulnerabilities, post-quantum algorithms like Kyber are also susceptible if implemented without constant-time safeguards. Poor implementation practices and hardware-specific issues, such as cache behavior or branch prediction, further amplify the risks.
Countermeasures
Mitigating timing and side-channel vulnerabilities requires a combination of secure implementation practices, robust cryptographic tools, and careful risk assessment. The following measures help ensure systems remain resilient to these attacks:
- Constant-time programming. Cryptographic implementations should follow constant-time programming principles, so that their execution time is independent of secret values and attackers cannot infer sensitive data from timing differences.
- Using hardened libraries. Leverage well-maintained cryptographic libraries, such as OpenSSL or libsodium, which incorporate hardened implementations to minimize the risk of timing vulnerabilities.
- Regular vulnerability testing. Conduct regular testing for timing and side-channel vulnerabilities using tools like ctgrind, Valgrind, or side-channel analysis frameworks to identify weaknesses early in the development lifecycle.
- Timely updates. Regularly update cryptographic libraries and frameworks to address newly discovered vulnerabilities and maintain compliance with emerging standards.
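As an added example (not from the page, and not the code of any tool it names), the C below shows the statistic at the core of statistical side-channel analysis frameworks such as dudect: Welch's t-test between a "fixed input" and a "random input" class of timing measurements. The cycle counts are constructed, and welch_t2, timing_leak_suspected and the sample arrays are hypothetical names.

```c
#include <math.h>      /* HUGE_VAL only; no libm call is needed */
#include <stddef.h>

/* Sample mean and unbiased sample variance of n measurements. */
static void mean_var(const double *x, size_t n, double *mean, double *var)
{
    double s = 0.0, ss = 0.0;
    for (size_t i = 0; i < n; i++) s += x[i];
    *mean = s / (double)n;
    for (size_t i = 0; i < n; i++) ss += (x[i] - *mean) * (x[i] - *mean);
    *var = (n > 1) ? ss / (double)(n - 1) : 0.0;
}

/* Square of Welch's t statistic between two timing classes ("fixed input"
 * vs "random input"). A large value means the two classes have measurably
 * different running-time distributions, i.e. execution time depends on
 * the input. Working with t^2 avoids sqrt() and a libm dependency. */
double welch_t2(const double *a, size_t na, const double *b, size_t nb)
{
    double ma, va, mb, vb;
    mean_var(a, na, &ma, &va);
    mean_var(b, nb, &mb, &vb);
    double denom = va / (double)na + vb / (double)nb;
    if (denom == 0.0)               /* both classes are constant */
        return (ma == mb) ? 0.0 : HUGE_VAL;
    return (ma - mb) * (ma - mb) / denom;
}

/* Verdict: |t| > 4.5 (t^2 > 20.25) is the cut-off used by the TVLA
 * methodology; treating it as the decision threshold here is an
 * assumption borrowed from that methodology, not a property of any tool. */
int timing_leak_suspected(const double *a, size_t na,
                          const double *b, size_t nb)
{
    return welch_t2(a, na, b, nb) > 20.25;
}

/* Constructed cycle counts (not real measurements): the fixed-input
 * class runs about 10 cycles faster than the random-input class. */
static const double fixed_class[5]  = {100, 102, 98, 101, 99};
static const double random_class[5] = {110, 112, 108, 111, 109};
```

In practice the two classes are interleaved and collected over many thousands of runs, because a single run is dominated by noise from caches, interrupts and frequency scaling.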
Before implementing countermeasures against power and electromagnetic (EM) side-channels, organizations should first assess whether such risks are relevant to their specific use cases. Implementing power or EM countermeasures is generally necessary only in environments where attackers have physical access or the ability to observe emissions, including potential remote observation with highly sensitive equipment. If these risks are deemed relevant, organizations can mitigate them by adopting hardened cryptographic hardware solutions, such as hardware security modules (HSMs) or secure enclaves. This risk can also be mitigated by using certified hardware, such as devices evaluated under Common Criteria (EAL5+ or higher), or by commissioning external evaluations through accredited security labs to verify resistance against side-channel attacks.
However, it’s crucial to acknowledge that side-channel mitigations aim to make attacks as infeasible as practically possible, rather than providing absolute immunity. Furthermore, due to the constant evolution of attack methodologies, existing countermeasures may require updates or modifications to remain effective against newly discovered vulnerabilities.
Organizations must balance security requirements with practicality, ensuring countermeasures are tailored to their specific threat models and operational needs. In most cases, adhering to best practices for cryptographic implementation and selecting hardened libraries will sufficiently mitigate most timing and side-channel risks.
Sources
- Brumley, D., & Boneh, D. Remote Timing Attacks are Practical.
- Brumley, B., & Tuveri, N. Remote Timing Attacks are Still Practical.
- Bernstein, D. J. Cache-Timing Attacks on AES.
- Acıiçmez, O., Schindler, W., & Koç, Ç. K. Cache Based Remote Timing Attack on the AES.
- KyberSlash: Practical Decryption Failure Timing Attacks on Lattice-Based Schemes.
- LadderLeak: Breaking ECDSA with Less Than One Bit of Nonce Leakage.
- CWE-385: Covert Timing Channel. Overview of timing attack risks and mitigation practices.
- CWE-208: Observable Timing Discrepancy. Analysis of timing discrepancies that leak sensitive information.
- Project Wycheproof (Google). Test suite for checking crypto libraries against known attacks.
- Valgrind. Tool for analyzing constant-time properties of cryptographic implementations.
- ctgrind. Tool for analyzing constant-time properties of cryptographic implementations.
- CVE-2018-0734. Timing vulnerability in OpenSSL’s DSA, allowing private key recovery.
- CVE-2018-3615 (Foreshadow). Exploits L1 cache to infer data from secure Intel SGX enclaves.
- CVE-2016-7056. Vulnerability in OpenSSL related to cache access patterns during modular exponentiation.
- CVE-2024-23342. Remote timing vulnerability in a widely used cryptographic library, allowing attackers to recover sensitive keys.
- CVE-2024-2408. Cryptographic timing attack vulnerability exposing sensitive keys via observable timing differences.
- CVE-2020-25658. Timing discrepancies in cryptographic computations reveal sensitive information about secret keys.
- CVE-2020-29506. Timing leaks in cryptographic algorithms allow attackers to infer private keys remotely.
- CVE-2024-36405. Side-channel vulnerability in cryptographic hardware leaking electromagnetic emissions of sensitive keys.
- Howgrave-Graham, N. A., & Smart, N.P. Lattice Attacks on Digital Signature Schemes.