A practical implementation of the timing attack

When the running time of a cryptographic algorithm is non-constant, timing measurements can leak information about the secret key. This idea, first publicly introduced by Kocher, is developed here to attack an earlier version of the CASCADE smart card(1). We propose several improvements on Kocher's ideas, leading to a practical implementation that is able to break a 512-bit key in few hours, provided we, are able to collect 300 000 timing measurements (128-bit keys can be recovered in few seconds using a personal computer and less than 10 000 samples). We therefore show that the timing attack represents an important threat against cryptosystems, which must be very seriously taken into account