How Do We Make Designs Insecure?

Size: px

Start display at page:

Download "How Do We Make Designs Insecure?"

Kenneth Malone
5 years ago
Views:

1 How Do We Make Designs Insecure? Gang Qu University of Maryland, College Park Design Automation Summer School Austin, TX June 5, 2016 Modular Exponentiation: a e (mod n) What is modular exponentiation? (mod 10) because 2 4 = 16 A critical operation in cryptography Diffie-Hellman key exchange (a X_B ) X_A =(a X_A ) X_B (mod n) RSA public key encryption C = P e (mod n) P = C d (mod n) 34, 987,317 10,357,198 (mod 510,926,533,897) a 16 = (a 8 ) 2 = (a 2 ) 2 ) 2 ) 2 Square and multiply a 23 = (a 16 )(a 4 )(a 2 )(a 1 ) Dr. Gang Qu (gangqu@umd.edu) M 1

2 Modular Exponentiation: a e (mod n) Goal: Compute a e (mod n) 1. convert e to binary: k s k s-1 k 1 k 0 2. b = 1; 3. for (i=s; i>=o; i--) 4. { b = b*b (mod n); 5. if (k i == 1) 6. b = b * a (mod n) 7. } 8. return b; Side channel attacks! Observable side channel info during hardware execution: current, power, timing, The value of bit k i determines whether this non-trivial operation will be required. Dr. Gang Qu (gangqu@umd.edu) Power Analysis Attacks Dr. Gang Qu (gangqu@umd.edu) 4 M 2

3 What Does Trust Mean? Find a 3 rd degree polynomial f(x) s.t. f(1) = 0 f(2) = 0 Answers: 1. f(x) = x 2-3x+2 = (x-1)(x-2) 2. f(x) = x 3-2x 2 -x+2 = (x-1)(x-2)(x+1) 3. f(x) = x 3-4x 2 +5x-2 = (x-1) 2 (x-2) 4. f(x) = x 3-5x 2 +8x-4 = (x-1)(x-2) 2 Which one(s) can be trusted? 5 Trust in Circuit/System Design Question: 3-input encoder Optimal design: Problems: a = z, b = y On input 000, outputs 11 On input 011 or 111, output 00 Trusted design: a = (x y)z, b = (x y)z 00: invalid code x y z a b Dr. Gang Qu (gangqu@umd.edu) 6 M 3

4 Trust in Circuit/System Design A B x A B Trust in Circuit/System Design A B x A B M 4

5 Trust in Circuit/System Design What I want 1/0 11 0/1 What I get works, but is untrusted. There are backdoors! A B x A B Finding the Backdoors Who can reach state 00 Required: S(00)=φ Designed: S(00)={00,01,10,11}; Random Walk Attack in the given design/system: 1. start from a random state 2. give a random input 3. if (new state == 00) successful attack; break; 4. else 1/0 goto step /1 Dr. Gang Qu (gangqu@umd.edu) 10 M 5

6 Malicious Designs Hardware Trojan horse: adding hidden access to 00 [Dunbar and Qu, TECS 14] [Dunbar and Qu, IWLS 13] 11 Optical Fault Injection Attacks [Sergei and Anderson et al, CHES 2002] Dr. Gang Qu 12 M 6

HW in security: Enabler Enhancer Enforcer 14

7 Hardware in Security and Trust Evolving role of HW in security: Enabler Enhancer 13 Hardware in Security and Trust Evolving role of HW in security: Enabler Enhancer Enforcer 14 M 7

8 Hardware in Security and Trust Be careful Evolving role of HW in security: where you store Enabler the key Enhancer Enforcer 15 Physical Attacks Reverse engineering Side channel attacks Microprobing Fault generation Software attacks Be careful where you store the key [Ross Anderson, Security Engineering 2001] Dr. Gang Qu 16 M 8

9 Hardware in Security and Trust Evolving role of HW in security: Enabler Enhancer Enforcer Hardware in Security and Trust Evolving role of HW in security: Enabler Enhancer Enforcer Weakest Link? M 9

10 SCA: Attackers with Good Ears Side channel analysis attacks: Monitor/measure chip s physical characteristics during its normal operation Perform data analysis to learn information Side channels: cache memory, power, current, timing, scan chain, EM radiation, output signal, Dr. Gang Qu (gangqu@umd.edu) 19 Side Channel: Power and Current Source of power consumption Dynamic power Leakage current Short circuit and others Why data may leak from power/current Dynamic power: P C V 2 f C: effective capacitance Leakage current: depend on the input vectors Input Leakage(nA) Leakage current in a 2-input NAND Gang Qu (gangqu@umd.edu) 20 M 10

11 Side Channel: Timing or Delay Source of timing and delay Execution time required to complete an operation Why data may leak from timing/delay Control flow Data dependency Cache miss Pipeline stall x = x * y; y=0; y=1; y=64; y =190; if (a!=b) x=8; T x = 8; else x=c-d; a!= b F x = Gang Qu (gangqu@umd.edu) 21 Side Channel: Scan Chain Source of scan chain channel On-chip registers (scan flip flops) Why data may leak from scan chain System internal state can be read directly from scan out port during testing mode SI CLK TC SFF 1 D Q SFF 2 Q SFF 3 Q D D D D 0Q' 0Q' 1Q' 1Q' 1Q' CUT SFF 4 Q SFF 5 Gang Qu (gangqu@umd.edu) 22 M 11

12 Data Remanence Data remanence in SRAM Retaining data after power down Retrieve data after power down Data burned-in after long time storage Retrieve data right after power up Data frozen at low temperature (-20 o C) Freeze data and read it Data remanence in EEPROM and Flash V th changes after write/erase Extract data after multiple write/erase Gang Qu (gangqu@umd.edu) 23 Fault Injection Attacks Idea Have the chip/system execute with faulty or unexpected input/command Observe chip/system execution Fault generation techniques Glitches (clock, power) Temperature White light, laser X-ray and ion beams Electromagnetic Gang Qu (gangqu@umd.edu) 24 M 12

13 Fault Injection Attacks: Idea Bob is counting his dollar coins and pennies. You ask him how much money he has, but he tells you that the total weight is 24 grams. a dollar coin: 8 grams, a penny: 3 grams 3 dollars or 8 cents. Distract Bob or get him drunk so he counts a dollar as a penny or the other way around and tells you the total weight is 29 grams: 8+3x7 1 dollar (error), 7 pennies 8 cents 19 grams: 8x2+3 2 dollars, 1 penny (error) 3 Gang Qu (gangqu@umd.edu) 25 Fault Injection Attacks: Glitch Glitch is a fast change in chip s supply signals (power and clock). Affect some transistors or flip-flops Attack by a systematic search Clock glitch Incorrect instruction fetch Power glitches Corrupted EEPROM data read Break AES on secure Gang Qu (gangqu@umd.edu) 26 M 13

14 Internet of Things Smart Home Smart City IoT Security Smart Grid Smart Me Smart Car Dr. Gang Qu Image source: ST Microelectronics 27 By 2020, IoT will have 4 Billion connected users $4 Trillion business 25+ Million of Apps 25+ Billion of devices/systems 50 Trillion GBs of data INTERNET Hardware is the Root of IoT of THINGS Hardware building blocks: CMOS, RRAM, Analog, M 14

Security is the Key for IoT Safety, reliability, trust, privacy, policy, Secure hardware throughout its lifetime This is a hard problem Smart City Smart Me Security Smart Home Smart Grid Smart Car

15 Security is the Key for IoT Safety, reliability, trust, privacy, policy, Secure hardware throughout its lifetime This is a hard problem Smart City Smart Me Security Smart Home Smart Grid Smart Car *Source: ST Microelectronics Dr. Gang Qu (gangqu@umd.edu) Source: DARPA BAA Trust for IC 29 EDA Meets Designing the Things Needs: Function Miniature/size Performance Cost Low power Reliability Safety EDA tools Many (IoT devices) will not be the typical designs that are pushing Moore s Law. Many (IoT devices) may be smaller, lower performance devices that do not necessarily need the latest and greatest process technology. Dr. Gang Qu (gangqu@umd.edu) 30 M 15

16 EDA Meets Designing the Things Needs: Function Miniature/size Performance Cost Low power Reliability Safety EDA tools There is nothing new or different about the functionality of EDA tools for the IoT. implementation (of IoT devices) can benefit from all the years of development of multivoltage design techniques applied to mature semiconductor process. Dr. Gang Qu 31 EDA Meets Designing the Things Needs: Function Miniature/size Performance Cost Low power Reliability Safety EDA tools X X X? More Needs: Security Privacy Trust Lower power Hardware has advantages in meeting these needs! [Qu and Yuan, ICCAD 2014] Dr. Gang Qu (gangqu@umd.edu) 32 M 16

system Cryptography, software, hardware, network, communication, device, USER, Hardware is the root of security,

17 Conclusion: Nobody Is An Island Security, privacy, trust issues remain as long as currency (including bitcoin) exists Attacking surface grows faster than countermeasures No system is an island, a holistic approach to build secure system Cryptography, software, hardware, network, communication, device, USER, Hardware is the root of security, trust, privacy Enabler, Enhancer, Enforcer Dr. Gang Qu (gangqu@umd.edu) 33 Conclusion 3748 Dr. Gang Qu (gangqu@umd.edu) 34 M 17

Fault-Based Attack of RSA Authentication

Fault-Based Attack of RSA Authentication, Valeria Bertacco and Todd Austin 1 Cryptography: Applications 2 Value of Cryptography $2.1 billions 1,300 employees $1.5 billions 4,000 employees $8.7 billions