Communication timing attack on the public key management system Kerberos for distributed authentication through the RSA encryption
This thesis looks at a communication timing attack on Public key Kerberos for distributed authentication (PKDA). It is based on research carried out at two cryptography levels namely, the algorithm level and the protocol level. At the algorithm level, the Rivest Shamir Adleman (RSA) encryption algorithm is studied for weaknesses that may be exploitable in a communication timing attack. A probable communication timing attack scenario is built up. Based on this, a preventive measure for timing attack, called blinding on RSA is also studied. A secure functional model of the RSA is proposed. A mathematical expression for the decryption time, a bit size function and the computation speed of modular reduction algorithm is formulated as these are the major contributing factors for the decryption time. At the protocol level, PKDA is studied. In particular, the public key based Kerberos for initial authentication (PKINIT) based on RSA is studied. The emphasis is again on the communication timing attack. The thesis determines that a communication timing attack may be carried out by an intelligent sniffer at the steps where a public key based request and response are sent. A preventive measure is suggested in this thesis by using, again, the blinding technique. ^
Vasa, Esther Vanitha, "Communication timing attack on the public key management system Kerberos for distributed authentication through the RSA encryption" (2003). ETD Collection for University of Texas, El Paso. AAIEP10613.