SIDE CHANNEL ANALYSIS : LOW COST PLATFORM. ETSI SECURITY WEEK Driss ABOULKASSIM Jacques FOURNIERI

Transcription

1 SIDE CHANNEL ANALYSIS : LOW COST PLATFORM ETSI SECURITY WEEK Driss ABOULKASSIM Jacques FOURNIERI

2 THE CEA Military Applications Division (DAM) Nuclear Energy Division (DEN) Technological Research Division (DRT) Materials Sciences Division Life Sciences Division Mission DAM : France s national security independence Mission DEN : France s energy independence Mission DRT : French business economic competitiveness 2

3 PHYSICAL ATTACKS AGAINST INTEGRATED CIRCUITS OBJECTIVE: Recover secret data like cryptographic keys even for algorithms proven to be secure in theory! The weakness: Those algorithmes are implemented on devices that bear intrinsic weaknesses! Cheaper equipment and faster to implement than invasive attacks «Invasive attacks» by reverse-engineering «Non-invasive attacks» thru side channel information leakages «Semi-invasive attacks» by fault injections 3

4 SIDE CHANNEL ATTACKS Timing measurements Statistical analysis of power consummed Statistical analysis of Electromagnetic waves emitted Against any type of algorithm DES, AES, RSA, ECC, Pairings, proprietary algorithms to retrieve secret keys or reverse-engineer the implemented algorithms. 4

5 AS A CONSEQUENCE. Connected devices using sophisticated cryptography. The channel can hence be secure thanks to the use of cryptography. But if a hacker can have physical access to one of the devices, (s)he might retrieve the cryptographic keys used and decrypt the transmitted data!! 5

6 Communication vulnerabilities - Bob, Alice (lovers ) want to communicate Bob Alice 6 6

7 Communication vulnerabilities - Bob, Alice (lovers!) want to communicate - Trudy (intruder) may : intercept, Trudy Bob Alice 7 7

8 Communication vulnerabilities - Bob, Alice (lovers!) want to communicate - Trudy (intruder) may : intercept, delete, change the message content, Trudy Bob Alice 8 8

9 Encrypt Solution : cryptography application - Bob, need to communicate securely with Alice! - May be encryption is the solution!! Decrypt Bob Alice 9 9

10 10 Advanced Encryption Standard Initial Round AddRoundKey Plain Text initial Key K0 AES is a symetric encryption algorithm. Round 1:9 ShiftRows MixColumns AddRoundKey Key of Roud k1:k9 3 Time* Brute force attack vs Key size Key seize Possible combinations Time 128 Bits x10 18 years (1 billion billion years) Round 10 SubBytes ShiftRows AddRoundKey K10 (Keu of round 10) 192 Bits x10 37 years 256 Bits ,31x10 56 years Cipher text *Faster supercomputer Pentaflops = x Flops [Flops = Floating point operations per second]

11 11 Extract the secret key (128-bits) from the AES (Advanced Encryption Standard) implemented in Software on 32-bits Microcontroller The key Value : 0x2B7E AED2A6 ABF CF4F3C The platform is mobile and low cost

12 12 1- Automatic acquisition of Electro-Magnetic field Control Unit : RASPBERRY PI3 Measurements (consumption, EM) VGA U S B U S B USB Coax/prob Acquisitions SMA U A R T EM Probe Target

13 13 Automatic acquisition of Electro-Magnetic traces Control Unit : RASPBERRY PI3 Measurements (consumption, EM) VGA U S B U S B USB Coax/prob Acquisitions SMA U A R T EM Probe Target Type Countermeasures HW/SW Target Cryptographic application Architecture Microcontroller none AES 128-bits 32-bits

14 2-CORRELATION STATISTCAL ANALYSIS Voltage m : Number of samples/trace time Text1 Text2 Textn Correlation Keyi (1 byte) and i = {0,2,...255} et keyi = i Keyi Text1 Text2 SUBBYTE Consumption model Ex: Hamming weight 0.8 Correlation trace associated to the correct key guess Textn

15 ACTIVITIES OF THE CEA ON HARDWARE SECURITY Are your secret/sensitive data safe in there? Is your program being correctly executed? Can your hardware be trusted? Characterisation State of the art characterisation benchs: EM, laser, Vcc, clock State of the art analysis techniques against crypto algorithms (AES, Pairings ) Analysis of communication protocols (contactless, WLoPAN ) IoT intrusion detection system Software analysis tools CESTI: French ANSSI-accredited HW evaluation lab (Common Criteria, EMVCo ) Secure solutions Hardware and software countermeasures for secure implementations of crypto algorithms Shields, new technologies Run-time countermeasures Node bootstrapping and key management protocols Secure transport layer security protocols Trust anchors for industrial systems Physically Unclonable Functions Certification aspects Implementation of new structures Robustness analyses Integrity verification Off chip side-channel based approach Off chip active clock-based approach On chip sensor-based approach IoT network integrity verification 15

16 Thank you Contact : Driss ABOULKASSIM driss.aboulkassimi@cea.fr for your attention Questions? Commissariat à l énergie atomique et aux énergies alternatives 17 rue des Martyrs Grenoble Cedex Établissement public à caractère industriel et commercial RCS Paris B