A practical timing attack on RSA over a LAN

Today, the specific implementation of a cryptosystem is of possibly greater importance than the underlying cryptographic algorithm itself. Through side-channel cryptanalysis, an adversary may deduce a secret key just by monitorm g implementation-specific side channels, such as execution time or power consumption during a cryptographic operation. In this paper, we describe a successful remote timing attack against a server running a protocol similar to SSL. Using a fully-automated attack on Chinese Remaindering Theorem (CRT) implementations of RSA, we show it is practical to recover a 1024-bit key in under an hour over a local area network.