Timing Attack on the ECDSA part of an ECDHE TLS handshake in OpenSSL

The end goal is to release a script that targets an IP, requests a bunch of signatures, and tries to mount the attack. If the server uses a vulnerable TLS implementation, then it outputs the key.
What remains to be done to achieve that?
+ combine attack.c and lattice.sage in one file
+ get better timing results
+ compute the hash and truncate it correctly (well, actually we can copy the OpenSSL code directly)
+ do the random subset algorithm to take care of false positives

Structure:
– in setup/ you can find how to set up the server and the client to reproduce the attack (and how to modify the server’s OpenSSL to remove the fix)
– in datasets/ you have data I got from my own experiments. You can play with that if you don’t want to set up a client/server. Note that my measurements from the client suck.
– in tools/ you have tools to play with the data in datasets/. Read the README there for more info.
– PoC/ is an old proof of concept; it can run and find a key. It’s not very pretty, though.

Update on August 18th, 2015: disabled Nagle’s algorithm, got better results, tried isolating the CPU, got even better results!

Download: timing_attack_ecdsa_tls.zip (1.38 MB) | Clone Url
Source: https://github.com/mimoo