CSE 127: Lecture 8

The topics covered in this lecture are Differential Power Analysis and Tenex Password,

Differential Power Analysis

Using a different statistical characteristic -- the amount of electrical power used by a modular multiply operation -- the same idea used in Differential Timing Analysis is used to extract the RSA private key exponent one bit at a time.

Tenex Password

A much stronger timing signal is available in an attack on the Tenex operating system's system call to verify a user's password.

In Tenex, the operating system kernel has all users' passwords in cleartext; no encryption is done, as is on most more modern operating systems. When a user-level application wishes to switch to another user account, it makes a system call, providing the user account name and password in string buffers. The kernel looks up the correct password corresponding to the account in its internal database, and performs a character-at-a-time string comparison with the provided password. This is the standard string compare function and terminates with a unequal return status as soon as a mismatch is seen.


These are links additional security-related information. Exploring them is optional unless otherwise stated.

[ search CSE | CSE | bsy's home page | links | webster | MRQE | google | yahoo | citeseer | pgp certserver | openpgp certserver ]
picture of bsy

bsy+cse127.w03@cs.ucsd.edu, last updated Sat Feb 8 16:55:32 PST 2003. Copyright 2003 Bennet Yee.
email bsy.

Don't make me hand over my privacy keys!