Politecnico di Bari
Timing attacks against secret-key/public-key cryptosystems attempt to recover complete key information by measuring the running time of certain computations during the encryption or decryption processes. Branch prediction analysis has been recently proposed as an attack method to extract the key from software implementations of the RSA public key cryptographic algorithm. In this paper, the authors describe several solutions to protect against such an attack and analyze their impact on the execution time of the cryptographic algorithm. They show that the code transformations required for protection against branch target buffer attacks can be automated and impose only a negligible performance penalty.