Introduction to Side-Channel Analysis: Basic Concepts and Techniques
- Cornelia Hodges
- 5 years ago
1 Introduction to Side-Channel Analysis: Basic Concepts and Techniques
Hardware security, Spring 2018
Lejla Batina
March 8, 2018
Institute for Computing and Information Sciences, Radboud University
2 Outline
- Introduction
- Timing side-channel
- Power side-channel
- Simple power analysis (SPA)
- EM side-channel
- Exotic side-channels
3 Lecture times and deadlines for this part of the course
- Lecture 1: Introduction to SCA, March 5
- Lecture 2: Advanced SCA and countermeasures, March 19
- Assignment 1: posted on March 19, April 2 deadline
- Assignment 2: posted on March 26, April 9 deadline
- Lecture 3: Tutorial on template attacks, March 26
- Assignment 3: posted on April 2, deadline April 16
- Lecture 4: Fault injection attacks, May 14
- Excursion to Riscure: tba
- DiS SCA lab tours: March 26 via Doodle (tba)
4 Embedded cryptographic devices 4
5 Introduction
6 Introducing the side channel 5
7 Blackbox scenario
[Diagram: Plaintext -> Cryptographic Device -> Ciphertext]
- The cipher (e.g. AES) model: the fixed key (unknown to the adversary) is the parameter under which the device turns input into output
- Analyzing the security in the blackbox scenario relates to classical cryptanalysis
- Can you derive the secret key by observing plaintext/ciphertext pairs?
8 Greybox scenario
- The cryptographic algorithm is implemented on a real device such as a processor, microcontroller, FPGA etc.
- We can observe certain physical quantities in the device's vicinity and use the additional information during cryptanalysis
- Can you derive the secret key by observing plaintext/ciphertext pairs and a side-channel?
- The side-channel is any unintentional signal that can offer us a blurry view of the algorithm's internal computations
- Execution time, power consumption, electromagnetic emission, sound and others
9 Greybox scenario
[Diagram: Plaintext -> Cryptographic Device -> Ciphertext, with Leakage coming out of the device]
- We have limited access to the internal computations, thus we work with a greybox scenario
- Algorithms that are secure under a blackbox scenario may not be secure under the greybox scenario, i.e. they may have implementations that are not secure
- Side-channel attacks are attacks on implementations of algorithms
10 Side-channel attacks in the news
Using EM measurements, we were able to fully extract secret signing keys from OpenSSL and CoreBitcoin running on iOS devices. We also showed partial key leakage from OpenSSL running on Android..., March sidechannel_encryption_theft/
11 Taxonomy of implementation attacks
- Active vs passive:
  - Active, i.e. tampering: the key is recovered by exploiting some abnormal behavior, e.g. power glitches or laser pulses
  - Passive, i.e. eavesdropping: the device operates within its specification
- Invasiveness:
  - Invasive, aka expensive: the strongest type, e.g. bus probing
  - Semi-invasive: the device is de-packaged but there is no direct contact with the chip, e.g. optical attacks that read out memory cells (or faults/glitches by voltage, power supply, clock, EM, etc.)
  - Non-invasive, aka low-cost: power/EM measurements
  - Data remanence in memories: cooling down increases the retention time
  - Rowhammer
12 Timing side-channel
13 Timing side-channel 11
14 Timing side-channel: PIN verification
- Software for PIN code verification
- Input: 4-digit PIN code
- Output: PIN verified or rejected

    Process CheckPIN (pin[4])
        int pin_ok=0;
        if (pin[0]==5)
            if (pin[1]==9)
                if (pin[2]==0)
                    if (pin[3]==2)
                        pin_ok=1;
                    end
                end
            end
        end
        return pin_ok;
    EndProcess

- What are the execution times of the process for PIN inputs [0,1,2,3], [5,3,0,2], [5,9,0,0]?
- The execution time increases as we get closer to [5,9,0,2]
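The CheckPIN behaviour next to a hardened comparison, as an added C example that is not part of the original slides. The step counter is an assumption of this example: it stands in for execution time so that the difference is deterministic, and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PIN_LEN 4

/* Reference PIN taken from the CheckPIN slide. */
static const uint8_t STORED_PIN[PIN_LEN] = {5, 9, 0, 2};

/* Early-exit check with the same behaviour as CheckPIN.
 * *steps counts the digit comparisons executed; it is a deterministic
 * stand-in for execution time (an assumption of this example). */
int check_pin_early_exit(const uint8_t pin[PIN_LEN], unsigned *steps)
{
    *steps = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        (*steps)++;
        if (pin[i] != STORED_PIN[i])
            return 0;               /* leaves at the first wrong digit */
    }
    return 1;
}

/* Hardened check: always processes all digits, accumulates the
 * differences with XOR/OR and derives the verdict only at the end. */
int check_pin_constant_time(const uint8_t pin[PIN_LEN], unsigned *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        (*steps)++;
        diff |= (uint8_t)(pin[i] ^ STORED_PIN[i]);
    }
    /* diff == 0 -> 1, anything else -> 0, without a data-dependent branch:
     * (0 - 1) wraps to 0xFFFFFFFF, whose bit 8 is set; 1..255 minus 1 is
     * at most 254, whose bit 8 is clear. */
    return (int)((((uint32_t)diff - 1u) >> 8) & 1u);
}

int main(void)
{
    /* The three inputs from the slide plus the correct PIN. */
    static const uint8_t inputs[4][PIN_LEN] = {
        {0, 1, 2, 3}, {5, 3, 0, 2}, {5, 9, 0, 0}, {5, 9, 0, 2}
    };
    for (int k = 0; k < 4; k++) {
        unsigned s_early, s_const;
        int ok_early = check_pin_early_exit(inputs[k], &s_early);
        int ok_const = check_pin_constant_time(inputs[k], &s_const);
        printf("[%d,%d,%d,%d]  early-exit: ok=%d steps=%u   constant: ok=%d steps=%u\n",
               inputs[k][0], inputs[k][1], inputs[k][2], inputs[k][3],
               ok_early, s_early, ok_const, s_const);
    }
    return 0;
}
```

The step count is only a model; on a real target the hardened version still has to be checked in the compiled code and by measurement, since a compiler may reintroduce a branch.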
15 Timing side-channel: Cache attacks
[Diagram: input in is XORed with key k and fed to the Sbox, giving y, followed by the state update]
- Assume AES implements the Sbox with a lookup table (LUT) stored in memory
- Every Sbox iteration creates a table index j = input ⊕ key and uses it to look up the Sbox output, i.e. y = LUT(j)
- Accessing different parts of the lookup table may take different amounts of time!
- The underlying cause is the cache behavior of modern processors
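The key-dependent table access described above, beside a lookup whose memory access pattern does not depend on the key, as an added C example that is not part of the original slides. Assumptions: a 64-byte cache line, a constructed 256-byte table (not the AES S-box), and hypothetical function names.

```c
#include <stdint.h>
#include <stdio.h>

#define TABLE_SIZE 256
#define LINE_BYTES 64   /* assumed cache-line size: the table spans 4 lines */

static uint8_t LUT[TABLE_SIZE];

/* Fill the table with a constructed byte permutation (NOT the AES S-box). */
void lut_init(void)
{
    for (int i = 0; i < TABLE_SIZE; i++)
        LUT[i] = (uint8_t)(i * 167u + 13u);   /* 167 is odd, so this is a bijection mod 256 */
}

/* Direct lookup y = LUT(in ^ key).
 * *lines gets one bit per table cache line that was read: exactly one bit,
 * and which one depends on the upper bits of in ^ key. */
uint8_t sbox_direct(uint8_t in, uint8_t key, unsigned *lines)
{
    uint8_t j = (uint8_t)(in ^ key);
    *lines = 1u << (j / LINE_BYTES);
    return LUT[j];
}

/* Full-scan lookup: reads every table entry in a fixed order and keeps
 * the wanted one with a mask, so the set of lines read is always the same. */
uint8_t sbox_scan(uint8_t in, uint8_t key, unsigned *lines)
{
    uint8_t j = (uint8_t)(in ^ key);
    uint8_t y = 0;
    *lines = 0;
    for (unsigned i = 0; i < TABLE_SIZE; i++) {
        /* mask is 0xFF when i == j and 0x00 otherwise, without a branch */
        uint8_t mask = (uint8_t)(((uint32_t)(i ^ j) - 1u) >> 8);
        *lines |= 1u << (i / LINE_BYTES);
        y |= (uint8_t)(LUT[i] & mask);
    }
    return y;
}

int main(void)
{
    /* Constructed inputs: same plaintext byte, two different key bytes. */
    const uint8_t in = 0x00;
    const uint8_t keys[2] = {0x10, 0xC5};
    lut_init();
    for (int k = 0; k < 2; k++) {
        unsigned ld, ls;
        uint8_t yd = sbox_direct(in, keys[k], &ld);
        uint8_t ys = sbox_scan(in, keys[k], &ls);
        printf("key=0x%02X  direct: y=0x%02X lines=0x%X   scan: y=0x%02X lines=0x%X\n",
               keys[k], yd, ld, ys, ls);
    }
    return 0;
}
```

The scan costs 256 reads per lookup, which is the price of removing the key-dependent address from this model.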
16 Timing side-channel: Cache attacks 14
17 Timing side-channel: Cache behavior 15
18 Timing side-channel: Cache behavior 16
19 Timing side-channel: Cache behavior 17
20 Timing side-channel: Cache behavior 18
21 Timing side-channel: Cache behavior 19
22 Timing side-channel: Cache behavior 20
23 Timing attacks notes and literature
- One of the earliest side-channel attacks due to easy measurements
- Can also be exploited remotely!
- Shows the unpredictable effects of caches on crypto implementations
- Has been applied to symmetric and asymmetric cryptography
- P. Kocher. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, CRYPTO 1996
- Daniel Page. Theoretical use of cache memory as a cryptanalytic side-channel, technical report CSTR
24 Power side-channel
25 Power side-channel 22
26 Power side-channel: CMOS leakage
- CMOS is the most popular circuit style and exhibits several types of leakage
- The most relevant for side-channel attacks is the charge and discharge of the CMOS load capacitance, a.k.a. dynamic power consumption
- Dynamic power consumption ($P_{dyn}$) is produced by CMOS transitions from state 0 to 1 and from state 1 to 0
- Thus a power analysis attack exploits the fact that the dynamic power consumption depends on the data and instructions being processed
- $P_{dyn} = C \cdot V_{DD}^2 \cdot P_{0 \to 1} \cdot f$, where $C$ is the transistor capacitance, $V_{DD}$ the power supply voltage, $f$ the frequency and $P_{0 \to 1}$ the probability of a $0 \to 1$ transition
27 Power side-channel: Modeling the leakage
- Starting point: dynamic power consumption depends on bit transitions, thus we use the number of transitions to model the leakage
- The Hamming distance model counts the number of $0 \to 1$ and $1 \to 0$ transitions, assuming that they are equivalent
- Example 1: Assume a hardware register R storing the result of an AES round. The register initially contains value $v_0$ and gets overwritten with value $v_1$
- The power consumption caused by the register transition $v_0 \to v_1$ is related to the number of bit flips that occurred
- Thus it can be modeled as $\mathrm{HammingDistance}(v_0, v_1) = \mathrm{HammingWeight}(v_0 \oplus v_1)$
- It's common to see Hamming distances in hardware implementations (FPGA, ASIC)
28 Power side-channel: Modeling the leakage
- Example 2: In a microcontroller, assume register A with value $v_0$ and an assembly instruction that moves the contents of register A to register B:

    mov rb, ra

- In general-purpose processors the instruction will transfer value $v_0$ from register A to B via the CPU, using the bus
- In several cases the bus is a very leaky component, and it is also precharged to all bits zero or all bits one (busInitialValue)
- The power consumption of the assembly instruction can be modeled as $\mathrm{HammingDistance}(\mathrm{busInitialValue}, v_0) = \mathrm{HammingWeight}(v_0 \oplus 0) = \mathrm{HW}(v_0)$
- It's common to see Hamming weight leakages in software implementations (AVR/ARM microcontrollers)
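Both leakage models from Examples 1 and 2 applied to a short sequence of byte values, as an added C example that is not part of the original slides. The register values are constructed, the function names are hypothetical, and the all-ones precharge case is computed with the same Hamming distance rule the slide uses for the all-zeros case.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Number of set bits in a byte. */
unsigned hamming_weight(uint8_t v)
{
    unsigned w = 0;
    while (v) {
        w += v & 1u;
        v >>= 1;
    }
    return w;
}

/* HD(a, b) = HW(a XOR b): number of bit positions that flip. */
unsigned hamming_distance(uint8_t a, uint8_t b)
{
    return hamming_weight((uint8_t)(a ^ b));
}

/* Example 1 (hardware register): register R holds states[0] and is
 * overwritten with states[1], states[2], ...
 * out[i] is the modeled leakage of the transition states[i] -> states[i+1].
 * Returns the number of transitions written to out. */
size_t register_leakage(const uint8_t *states, size_t n, unsigned *out)
{
    if (n < 2)
        return 0;
    for (size_t i = 0; i + 1 < n; i++)
        out[i] = hamming_distance(states[i], states[i + 1]);
    return n - 1;
}

/* Example 2 (software, precharged bus): the bus starts at `precharge`
 * (0x00 or 0xFF) and then carries v. With precharge 0x00 this is HW(v). */
unsigned bus_leakage(uint8_t precharge, uint8_t v)
{
    return hamming_distance(precharge, v);
}

int main(void)
{
    /* Constructed register contents; note the repeated 0xA5. */
    const uint8_t states[5] = {0x00, 0x01, 0xA5, 0xA5, 0x5A};
    unsigned hd[4];
    size_t n = register_leakage(states, 5, hd);

    for (size_t i = 0; i < n; i++)
        printf("R: 0x%02X -> 0x%02X  HD=%u   bus(0x00) HW=%u   bus(0xFF)=%u\n",
               states[i], states[i + 1], hd[i],
               bus_leakage(0x00, states[i + 1]),
               bus_leakage(0xFF, states[i + 1]));
    return 0;
}
```

Rewriting the same value (0xA5 over 0xA5) gives a Hamming distance of 0 in the register model, while the precharged-bus model still predicts a leakage of 4 for that value.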
29 Power side-channel: Measurement setup
- Usually power measurements require physical proximity to the device and customized measurement equipment (resistor, oscilloscope)
30 Power side-channel: Measurement setup 27
31 Simple power analysis (SPA)
32 SPA on AES
- Power consumption leakage of an AES cipher implementation on an AVR microcontroller
- How many rounds are executed?
33 SPA on AES
- We see 10 repeating patterns, thus it's AES-128
- We can even notice that the last round is smaller due to the lack of MixColumns
- In general, we can use the power side-channel to reverse engineer certain implementation details such as the cipher, its version, assembly instructions used etc.
34 SPA on RSA Square and Multiply
- Software for RSA modular exponentiation
- Input: integers x, e, n, length l of e
- Output: x^e mod n

    Process ModularExponentiation(x, e, n, l)
        r=1;
        for j=l-1 down to 0
            r=r^2 mod n           //square
            if (bit j of e) == 1
                r= r*x mod n      //multiply
            end
        return r;
    EndProcess

- Do you already see a timing attack? The exponent-dependent branch is causing it!
- Do you see a side-channel attack? The branch is the culprit again!
35 SPA on RSA Square and Multiply
- Can you find the exponent bits by visual inspection of the patterns?
36 SPA on RSA Square and Multiply
- Square and Multiply (bit==1) are lengthier operations than Square only (bit==0)
- Multiplications are often more power consuming compared to Squarings
37 Power side-channel: RSA Square and Multiply Always
- Trying to fix the problem we create a timing-constant implementation

    Process ConstantTimeModExp(x, e, n, l)
        r[0]=1; r[1]=1;
        for j=l-1 down to 0
            r[0]=r[0]^2 mod n     //square
            r[1]= r[0]*x mod n    //multiply
            index=bit j of e
            r[0]=r[index]
        return r[0];
    EndProcess

- Does both square and multiply to ensure constant time
- Still, side-channel information exists! Can you see it?
- Location-based leakage can lead to key recovery
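ModularExponentiation and ConstantTimeModExp from the slides with their operation sequence recorded, as an added C example that is not part of the original slides. Assumptions: a 32-bit toy modulus so that products fit in 64 bits, constructed exponents, and a hypothetical 'S'/'M' log that stands in for the square and multiply patterns seen in a power trace.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_BITS 32
#define MAX_OPS  (2 * MAX_BITS + 1)   /* at most S+M per bit, plus the NUL */

typedef uint32_t (*modexp_fn)(uint32_t, uint32_t, uint32_t, int, char *);

/* Left-to-right square-and-multiply as in ModularExponentiation.
 * ops receives one 'S' per squaring and one 'M' per multiplication. */
uint32_t modexp_sqm(uint32_t x, uint32_t e, uint32_t n, int l, char *ops)
{
    uint64_t r = 1;
    int k = 0;
    if (l > MAX_BITS)
        l = MAX_BITS;
    for (int j = l - 1; j >= 0; j--) {
        r = (r * r) % n;                    /* square */
        ops[k++] = 'S';
        if ((e >> j) & 1u) {                /* exponent-dependent branch */
            r = (r * x) % n;                /* multiply */
            ops[k++] = 'M';
        }
    }
    ops[k] = '\0';
    return (uint32_t)r;
}

/* Square-and-multiply-always as in ConstantTimeModExp. */
uint32_t modexp_sqm_always(uint32_t x, uint32_t e, uint32_t n, int l, char *ops)
{
    uint64_t r[2] = {1, 1};
    int k = 0;
    if (l > MAX_BITS)
        l = MAX_BITS;
    for (int j = l - 1; j >= 0; j--) {
        r[0] = (r[0] * r[0]) % n;           /* square */
        ops[k++] = 'S';
        r[1] = (r[0] * x) % n;              /* multiply, always executed */
        ops[k++] = 'M';
        unsigned index = (e >> j) & 1u;
        r[0] = r[index];  /* which slot is read still depends on the bit:
                             the location-based leakage the slide mentions */
    }
    ops[k] = '\0';
    return (uint32_t)r[0];
}

/* Returns 1 if two exponents of the same length produce different
 * operation sequences under f, 0 if the sequences are identical. */
int op_sequence_depends_on_exponent(modexp_fn f, uint32_t x, uint32_t n,
                                    uint32_t e1, uint32_t e2, int l)
{
    char a[MAX_OPS], b[MAX_OPS];
    f(x, e1, n, l, a);
    f(x, e2, n, l, b);
    return strcmp(a, b) != 0;
}

int main(void)
{
    /* Constructed toy parameters: x = 3, n = 101, two 6-bit exponents. */
    const uint32_t x = 3, n = 101;
    const uint32_t exps[2] = {45 /* 101101 */, 49 /* 110001 */};
    char ops[MAX_OPS];

    for (int i = 0; i < 2; i++) {
        uint32_t y = modexp_sqm(x, exps[i], n, 6, ops);
        printf("e=%2u  naive : result=%u ops=%s\n", exps[i], y, ops);
        y = modexp_sqm_always(x, exps[i], n, 6, ops);
        printf("e=%2u  always: result=%u ops=%s\n", exps[i], y, ops);
    }
    printf("naive sequence depends on e : %d\n",
           op_sequence_depends_on_exponent(modexp_sqm, x, n, 45, 49, 6));
    printf("always sequence depends on e: %d\n",
           op_sequence_depends_on_exponent(modexp_sqm_always, x, n, 45, 49, 6));
    return 0;
}
```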
38 Power attacks notes and literature
- Very powerful attacks that require proximity to the target
- Countermeasures on all levels required, i.e. algorithm, implementation, transistor etc.
- P. Kocher, J. Jaffe, B. Jun. Differential Power Analysis, CRYPTO
- T. Eisenbarth et al. On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme, CRYPTO
- Mangard et al. Power Analysis Attacks, Springer
- T. Kasper et al. All You Can Eat or Breaking a Real-World Contactless Payment System, Financial Cryptography
- J. Balasch et al. Power Analysis of Atmel CryptoMemory - Recovering Keys from Secure EEPROMs, CT-RSA
39 EM side-channel
40 Electromagnetic side-channel 35
41 EM side-channel: Probing
- Observing a power signal in a complicated embedded device can be messy
- Board capacitors, complicated SoCs, multiple peripherals
- Countermeasures trying to flatten the power consumption signal
- Use an electromagnetic probe instead
- A probe is an easy way to access the power consumption with less board modifications
- Smaller probes can focus on interesting locations and ignore interference from unrelated electrical components
42 EM side-channel: Decapsulation and Microprobing
- To improve spatial resolution of analysis use a micrometer-sized antenna
- To exploit more leakage decapsulate the chip using chemicals
43 EM side-channel: Decapsulation and Microprobing
- Left: close inspection of decapsulated ARM processor using a microscope
- Right: EM emission heatmap of the same chip
44 EM side-channel: TEMPEST project
- Instead of going very close, try to identify screen emission from a large distance
- The adversary can take a look at your screen!
- It was known since 1960s, declassified only in
45 EM side-channel: notes and literature
- EM enables side-channel attacks both in high proximity scenarios and distance scenarios
- Standard EM is quite cheap to perform, microprobing and TEMPEST-like scenarios can be more expensive
- J.-J. Quisquater and D. Samyde. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards, esmart
- Heyszl et al. Localized Electromagnetic Analysis of Cryptographic Implementations, CT-RSA 2012
- K. Gandolfi et al. Electromagnetic Analysis: Concrete Results, CHES
46 Exotic side-channels
47 Exotic side-channels
48 Optical emission
- Accessing the chip SRAM cells emits photons that can be detected by a high-resolution camera
- Visual inspection can reveal the memory location accessed
- The memory location maps to a specific value (e.g. in the AES LUT), i.e. it maps directly to Sbox(in ⊕ key)
- Since the input in is known, knowledge of the memory location reveals the key
- Schlösser et al. Simple Photonic Emission Analysis of AES, CHES
49 Sound emission
- In 1965, MI5 put a microphone near the rotor-cipher machine used by the Egyptian Embassy; the click-sound the machine produced was analyzed to deduce the core position of the machine's rotors
- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis, Shamir et al.
  - Attacking a computer by listening to the high-pitched (10 to 150 kHz) sounds produced as it decrypts data
  - Extracted 4096-bit RSA keys
  - Using low- and high-pass filters to ensure that only the sounds that emanate from the PC while the CPU is decrypting data are captured
  - Can be carried out over a distance of 4m with a high-quality microphone (or a smartphone)
50 Out-of-order and speculative execution
- January 3rd 2018
- Kernel addresses were accessed unintentionally due to out-of-order execution
- Taking all possible branches may also cause issues
- Seems hard to patch since the culprit is the structure of a processor
- Meltdown and Spectre
51 Attackers' goals and targets
- Typical targets are transportation cards, medical care, RFID passports, mobile payment systems, supply chain management
- The goals of side-channel analysis:
  - Recover the key and data
  - Gain unauthorized access
  - Acquire intellectual property
  - Privacy mining
  - Reverse engineering
  - Malware/intrusion detection
52 Attackers' goals and targets
- Overall side-channels pose a threat to secure implementations
- Side-channel attacks are usually passive (i.e. just listening or eavesdropping)
- Some are non-invasive, e.g. power analysis or simple EM probing
- Others are classified as semi-invasive attacks, e.g. high-resolution EM or photonic side-channel, since they require decapsulation
- Passive and non-invasive attacks are fairly cheap to launch
Lecture IV : Cryptography, Fundamentals Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University Spring 2012 Basic Principles
More informationEmbedded System Security. Professor Patrick McDaniel Charles Sestito Fall 2015
Embedded System Security Professor Patrick McDaniel Charles Sestito Fall 2015 Embedded System Microprocessor used as a component in a device and is designed for a specific control function within a device
More informationKeywords Security, Cryptanalysis, RSA algorithm, Timing Attack
Volume 4, Issue 1, January 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Performance
More informationApplying TVLA to Public Key Cryptographic Algorithms. Michael Tunstall Gilbert Goodwill
Applying TVLA to Public Key Cryptographic Algorithms Michael Tunstall Gilbert Goodwill Introduction Test Vector Leakage Assessment (TVLA) was proposed in 2012 Efficient in evaluating the presence of leakage
More informationHow Safe is Anti-Fuse Memory? IBG Protection for Anti-Fuse OTP Memory Security Breaches
How Safe is Anti-Fuse Memory? IBG Protection for Anti-Fuse OTP Memory Security Breaches Overview A global problem that impacts the lives of millions daily is digital life security breaches. One of the
More informationELECTRONICS DEPARTMENT
ELECTRONICS DEPARTMENT By Eng. 28 th Mar MUSTAFA 2012 M. Efficient SHIPLEImplementation of AES Algorithm Immune to DPA Attack Cryptography processing plaintext cipher text format Block Cipher Stream Cipher
More informationExternal Encodings Do not Prevent Transient Fault Analysis
External Encodings Do not Prevent Transient Fault Analysis Christophe Clavier Gemalto, Security Labs CHES 2007 Vienna - September 12, 2007 Christophe Clavier CHES 2007 Vienna September 12, 2007 1 / 20
More information1-7 Attacks on Cryptosystems
1-7 Attacks on Cryptosystems In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from
More informationPublic-Key Cryptography
Computer Security Spring 2008 Public-Key Cryptography Aggelos Kiayias University of Connecticut A paradox Classic cryptography (ciphers etc.) Alice and Bob share a short private key using a secure channel.
More informationFault-based Cryptanalysis on Block Ciphers
LIRMM / university of Montpellier COSADE 2017, Thursday April 13 2017, Paris, France 1/ 62 Outline 1 2 Fault Model Safe Error Attack DFA Statistical Fault Attack 3 Analog Level Digital Level Application
More informationPrecise Fault-Injections using Voltage and Temperature Manipulation for Differential Cryptanalysis
Precise Fault-Injections using Voltage and Temperature Manipulation for Differential Cryptanalysis Raghavan Kumar $, Philipp Jovanovic e and Ilia Polian e $ University of Massachusetts, 12 USA e University
More information2/13/2014. What is Tamper Resistance? IBM s Attacker Categories. Protection Levels. Classification Of Physical Attacks.
What is Tamper Resistance? Physical and Tamper Resistance Mohammad Tehranipoor Updated/Modified by Siavash Bayat Sarmadi Resistance to tampering the device by either normal users or systems or others with
More informationHardware Security Challenges and Solutions. Mike Bartley TVS, Founder and CEO
Hardware Security Challenges and Solutions Mike Bartley TVS, Founder and CEO Agenda Some background on your speaker and testing safety related systems Threats and solutions Verifying those solutions Bare
More informationSynthesis of Fault-Attack Countermeasures for Cryptographic Circuits
Synthesis of Fault-Attack Countermeasures for Cryptographic Circuits Hassan Eldib, Meng Wu, and Chao Wang CAV, July 23, 2016 Cryptographic Algorithm: an example Plaintext Chip Ciphertext 0110 1001 1011
More informationDeKaRT: A New Paradigm for Key-Dependent Reversible Circuits
DeKaRT: A New Paradigm for Key-Dependent Reversible Circuits Jovan D. Golić System on Chip, Telecom Italia Lab Telecom Italia Via Guglielmo Reiss Romoli 274, I-00148 Turin, Italy jovan.golic@tilab.com
More informationInformation Security Theory vs. Reality
Information Security Theory vs. Reality 0368-4474, Winter 2015-2016 Lecture 5: Side channels: memory, taxonomy Lecturer: Eran Tromer 1 More architectural side channels + Example of a non-cryptographic
More informationThe Davies-Murphy Power Attack. Sébastien Kunz-Jacques Frédéric Muller Frédéric Valette DCSSI Crypto Lab
The Davies-Murphy Power Attack Sébastien Kunz-Jacques Frédéric Muller Frédéric Valette DCSSI Crypto Lab Introduction Two approaches for attacking crypto devices traditional cryptanalysis Side Channel Attacks
More informationOn the Power of Fault Sensitivity Analysis and Collision Side-Channel Attacks in a Combined Setting
On the Power of Fault Sensitivity Analysis and Collision Side-Channel Attacks in a Combined Setting Amir Moradi 1, Oliver Mischke 1, Christof Paar 1, Yang Li 2, Kazuo Ohta 2, and Kazuo Sakiyama 2 1 Horst
More informationSide-Channel Attack on Substitution Blocks
Side-Channel Attack on Substitution Blocks Roman Novak Jozef Stefan Institute, Jamova 39, 1000 Ljubljana, Slovenia, Roman.Novak@ijs.si Abstract. 1 We describe a side-channel attack on a substitution block,
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationA Fault Attack Against the FOX Cipher Family
A Fault Attack Against the FOX Cipher Family L. Breveglieri 1,I.Koren 2,andP.Maistri 1 1 Department of Electronics and Information Technology, Politecnico di Milano, Milano, Italy {brevegli, maistri}@elet.polimi.it
More informationInformation Leakage Attacks Against Smart Card Implementations of Cryptographic Algorithms and Countermeasures A Survey
Information Leakage Attacks Against Smart Card Implementations of Cryptographic Algorithms and Countermeasures A Survey Erwin Hess 1, Norbert Janssen 2, Bernd Meyer 1, and Torsten Schütze 1 1 Siemens AG,
More informationINTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET)
INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN 0976 ISSN 0976 6464(Print)
More informationAnalysis and Design of Clock-glitch Fault Injection within an FPGA
Analysis and Design of Clock-glitch Fault Injection within an FPGA by Masoumeh Dadjou A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Master
More informationUniversal Exponentiation Algorithm
Published in Ç. K. Koç, D. Naccache, and C. Paar, Eds., Cryptographic Hardware and Embedded Systems CHES 2001, vol. 2162 of Lecture Notes in Computer Science, pp. 300 308, Springer-Verlag, 2001. Universal
More informationLecture Note 9 ATTACKS ON CRYPTOSYSTEMS II. Sourav Mukhopadhyay
Lecture Note 9 ATTACKS ON CRYPTOSYSTEMS II Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Birthday attack The Birthday attack makes use of what s known as the Birthday paradox to try to
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More information