On the Randomness Timing Analysis of Timing Side Channel Attack on Key Derivation Functions

A timing attack is an example of a side channel attack which relies on the leaking timing information from the implementation of a crypto system. The different type of cryptographic primitives used to construct the key derivation functions has resulted in timing variation which enables the adversary to perform timing attack on key derivation functions. Based on the paper published by Chuah and Koh, the software implementation of key derivation functions using hash functions, stream ciphers and block cipher as the cryptographic primitives are vulnerable to the timing attack. This kind of attack can be mitigated via masks the actual timing information using randomness timing solution. The randomness timing solution is based on the concept of "random for loop". This paper shows the outcome of experiments on implementing the randomness timing delay on key derivation functions based on three type of cryptographic primitives. The experiment's result indicated that the countermeasure propose is secure against timing side channel attack on key derivation functions proposals.