Welcome to the resource topic for 2023/135
Title:
Uncovering Vulnerabilities in Smartphone Cryptography: A Timing Analysis of the Bouncy Castle RSA Implementation
Authors: Sarani Bhattacharya, Dilip Kumar Shanmugasundaram Veeraraghavan, Shivam Bhasin, Debdeep Mukhopadhyay
Abstract:Modern day smart phones are used for performing several sensitive operations, including online payments. Hence, the underlying cryptographic libraries are expected to adhere to proper security measures to ensure that there are no exploitable leakages. In particular, the implementations should be constant time to prevent subsequent timing based side channel analysis which can leak secret keys. Unfortunately, we unearth in this paper a glaring timing variation present in the Bouncy-Castle implementation of RSA like ciphers which is based on the BigInteger Java library to support large number theoretic computations. We follow up the investigation with a step-by-step procedure to exploit the timing variations to retrieve the complete secret of windowed RSA-2048 implementation. The entire analysis is possible with a single set of timing observation, implying that the timing observation can be done at the onset, followed by some post processing which does not need access to the phone. We have validated our analysis on Android Marshmallow 6.0, Nougat 7.0 and Oreo 8.0 versions. Interestingly, we note that for newer phones the timing measurement is more accurate leading to faster key retrievals.
ePrint: https://eprint.iacr.org/2023/135
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .