Return to d'Auriol's Students Supervised Page
Contact
|
Esther Vanitha Vasa, Communication Timing Attack on the Public Key Management System Kerberos for Distributed Authentication Through the RSA Encryption, Department of Computer Science, The University of Texas at El Paso, December 2003. Advisor: Brian J. d'Auriol
Abstract
This thesis looks at a communication timing attack on Public key Kerberos
for distributed authentication (PKDA). It is based on research carried out
at two cryptograhy levels namely, the algorithm level and the protocol level.
At the algorithm level, the Rivest Shamir Adleman (RSA) encryption algorithm
is studied for weaknesses that may be exploitable in a communication timing
attack. A probable communication timing attack scenario is built up. Based on
this, a preventive measure for timing attack, called blinding on RSA is also
studied. A secure functional model of the RSA is proposed. A mathematical
expression for the decryption time, a bit size function and the computation
speed of modular reduction algorithm is formulated as these are the major
contributing factors for the decryption time. At the protocol level, PKDA is
studied. In particular, the public key based Kerberos for initial
authentication (PKINIT) based on RSA is studied. The emphasis is again on
the communication timing attack. The thesis determines that a communication
timing attack may be carried out by an intelligent sniffer at the steps where
a public key based request and response are sent. A preventive measure is
suggested in this thesis by using, again, the blinding technique.
|