Introduction to Software Countermeasures For Embedded Cryptography
David Vigilant, UMPC Master, 1st December, 2017
Outline
1 Context and Motivations
2 Basic Rules and Countermeasures Examples
  Regarding Timing Attacks
  Regarding SPA-SEMA
  Regarding Statistical Side-Channel Attacks
  Regarding Fault Attacks
3 Application Examples for some Cryptographic Algorithms
  Application examples for RSA-CRT
  Application examples for AES
  Conclusion
Resistance of Embedded Implementations
Given a key size, the cryptographic algorithm has an inherent theoretical resistance to cryptanalysis.
But one implementation on one machine has its own resistance regarding implementation attacks.
Attacks on Embedded Implementations
Different techniques may be used to infer sensitive data of a cryptographic implementation:
  Timing Attacks (TA)
  Simple Side-Channel Attacks (SSCA)
  Statistical Side-Channel Attacks (DSCA)
  Fault Attacks (FA)
⇒ The attack set-up may be easier to put in place on an embedded implementation, since the attacker has the device in hand.
Attacks on Embedded Implementations
Timing Attacks (TA): Measure the crypto process timing for several input values
⇒ From timing exploitation, sensitive data may be inferred.
Attacks on Embedded Implementations
Simple Side-Channel Attacks (SSCA):
  Simple Power Analysis (SPA): Measure the power consumption of the device
  Simple ElectroMagnetic Analysis (SEMA): Measure the electromagnetic field emanated from the device
⇒ From the exploitation of a trace of one execution, sensitive data may be inferred.
Attacks on Embedded Implementations
Statistical Side-Channel Attacks (DSCA):
  Differential Power Analysis (DPA/DEMA)
  Correlation Power Analysis (CPA/CEMA)
  Linear Regression Analysis (LRA)
  Template Analysis (TPA) / Deep Learning Attacks (DLA)
⇒ From traces of several executions, statistics may be exploited to deduce information about sensitive data.
Attacks on Embedded Implementations
Fault Attacks (FA): Disturb the computation (program flow or data) in different ways:
  Temperature
  Voltage/Clock glitch
  EM injection
  Laser...
⇒ From the exploitation of faulty (and correct) results or behaviors, sensitive data may be inferred.
Hardware Limitations
It seems difficult to implement protections all in hardware (HW):
  Surface limitation:
    ⇒ Implementing insecure crypto algorithms all in HW can even be too costly
  HW imperfection (increased under extreme conditions):
    ⇒ The combination of HW and software (SW) countermeasures (CMs) may give more confidence
Remark: A lot of very efficient HW countermeasures exist; they are not discussed here.
Embedded Crypto - Hardware Architecture
Example of architecture in embedded devices: (figure)
⇒ A coprocessor may implement arithmetic operations (e.g. modular multiplication)
⇒ A coprocessor may implement block ciphers with some CMs
Embedded Crypto - Hardware Architecture
Embedded devices typically have limited resources:
  CPU: 8, 16 or 32-bit instructions
  Frequency: several dozens of Megahertz
  RAM: 1 or 2 Kbytes at most for the crypto implementation
  NVM reserved for constants and program: several dozens of Kbytes
⇒ The overhead added by a countermeasure must be monitored carefully.
Certification and Resistance Assessment
In the context of the certification (Common Criteria, EMVCo, ...) of a product:
  Source code may be audited to detect weaknesses
  Implementation attacks may be tested in practice by mandated labs
  Vulnerabilities may lead to the failure of the certification
Countermeasures and Intellectual Property
Innovative countermeasures may be patented:
  It may protect from counterfeit
  Its usage may be licensed
Out of scope
Definition: White Box Crypto (WBC) is the name for embedded crypto running in an environment totally manageable by the attacker. In particular, the attacker has access to and control of:
  Every processor register (including the Program Counter)
  Every memory cell
  Code execution (i.e. complete debugging capability)
⇒ WBC implementations need dedicated countermeasures
⇒ WBC countermeasures are out of the scope of this presentation
Avoid Vulnerabilities regarding TA
Rule: Avoid any timing difference linked to input data and/or internal sensitive data that could lead to the secret recovery.
Countermeasure Balanced Branches: Balance sensitive "if...then..." branches by injecting events.
Countermeasure No Branch: Eliminate branches and design programs with constant timing.
Avoid Vulnerabilities regarding TA
Example:
  A user must be authenticated by entering an 8-byte key
  The program grants access to the user only if the key value is the expected one
  The program runs on an 8-bit CPU
Remark: The expected security strength is 2^64 (one of 2^64 possible 8-byte keys).
Avoid Vulnerabilities regarding TA
Example (continued):
  Entered Key:  x0 x1 x2 x3 x4 x5 x6 x7
  Expected Key: k0 k1 k2 k3 k4 k5 k6 k7
  Naive program:
    if x0 = k0 then
      if x1 = k1 then
        if x2 = k2 then
          if x3 = k3 then
            if x4 = k4 then
              if x5 = k5 then
                if x6 = k6 then
                  if x7 = k7 then "user granted"
    else "failure"
Each byte is compared one by one by the program.
The attacker tries the 2^8 possible values for the i-th byte, i starting from 0, and measures the process timing:
  If the guess is incorrect, the program ends after the comparison: shorter timing
  If the guess is correct, the program executes the next comparison: longer timing
⇒ The security strength can be decreased to 8 × 2^8 = 2^11 !!
Avoid Vulnerabilities regarding TA
Countermeasure Balanced Branches: Balance sensitive "if...then..." branches by injecting events
  Equal = 0, Difference = 1, Status = 0
  for (i from 0 to 7) do {
    if x_i = k_i then Status = Status OR Equal        (same work in both branches; Status keeps Difference once set)
    else Status = Status OR Difference
  }
  if Status = Equal then "user granted" else "failure"
  (Timing balance to be verified practically)
Avoid Vulnerabilities regarding TA
Countermeasure No Branch: Eliminate branches and design programs with constant timing
  Status = 0
  for (i from 0 to 7) do Status = Status OR (x_i XOR k_i)
  if Status = 0 then "user granted" else "failure"
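The naive byte-by-byte check beside the "No Branch" version, as an added C example (not from the slides); the expected key and the entered keys are constructed values, and each checker reports how many bytes it inspected so the data-dependent work of the naive version is visible without a stopwatch.

```c
#include <stdint.h>
#include <stddef.h>

#define KEY_LEN 8   /* 8-byte key, as in the slides' example */

/* Naive program: one comparison per byte, exit on the first mismatch.
   *bytes_compared records the data-dependent work an attacker can time. */
int naive_check(const uint8_t *x, const uint8_t *k, size_t *bytes_compared)
{
    *bytes_compared = 0;
    for (size_t i = 0; i < KEY_LEN; i++) {
        (*bytes_compared)++;
        if (x[i] != k[i])
            return 0;   /* "failure" right after byte i: shorter timing */
    }
    return 1;           /* "user granted" */
}

/* "No Branch" countermeasure: Status = Status OR (x_i XOR k_i) over all
   bytes, then a branch-free reduction of Status to 0/1. */
int constant_time_check(const uint8_t *x, const uint8_t *k, size_t *bytes_compared)
{
    uint32_t status = 0;
    *bytes_compared = 0;
    for (size_t i = 0; i < KEY_LEN; i++) {
        (*bytes_compared)++;
        status |= (uint32_t)(x[i] ^ k[i]);
    }
    /* status is in [0, 255]; (status - 1) >> 31 is 1 only when status == 0 */
    return (int)(((status - 1u) >> 31) & 1u);
}

typedef struct { size_t naive_work, ct_work; int naive_ok, ct_ok; } check_report;

/* Demonstration: a constructed expected key, and an entered key that matches
   it for the first `first_wrong` bytes (8 = fully correct). */
check_report run_demo(size_t first_wrong)
{
    static const uint8_t k[KEY_LEN] = {0x3a, 0x7f, 0x01, 0xc4, 0x9e, 0x55, 0x10, 0xee};
    uint8_t x[KEY_LEN];
    check_report r;
    for (size_t i = 0; i < KEY_LEN; i++)
        x[i] = (i < first_wrong) ? k[i] : (uint8_t)(k[i] ^ 0x01);
    r.naive_ok = naive_check(x, k, &r.naive_work);
    r.ct_ok = constant_time_check(x, k, &r.ct_work);
    return r;
}
```

The naive checker's work grows with the number of leading correct bytes, which is exactly the 8 × 2^8 search the slides describe; the constant-time checker always inspects all 8 bytes.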
Avoid Vulnerabilities regarding SPA-SEMA
Rule: Avoid any flow difference (leading to a difference in the trace) linked to input data and/or internal sensitive data that could lead to the secret recovery.
Countermeasure Balanced Branches: Introduce or modify events to remove differences in the flow.
Countermeasure No Branch: Eliminate branches and design programs with constant flow.
Avoid Vulnerabilities regarding SPA-SEMA
Example: Implementation of a binary exponentiation algorithm
Compute S = m^d mod N, d = (d_0, d_1, ..., d_{L−1})_2
Naive Binary Algorithm:
  A = 1
  for (i from 0 to L−1) do {
    A = A · A mod N
    if d_i = 1 then A = A · m mod N
  }
  return(A)
Naive Binary Algorithm Trace: (figure)
Avoid Vulnerabilities regarding SPA-SEMA
Example (continued):
Countermeasure Balanced Branches: Introduce events to remove differences in the flow
Square and Multiply Always Algorithm:
  A = 1
  for (i from 0 to L−1) do {
    A = A · A mod N
    if d_i = 1 then A = A · m mod N
    else B = A · m mod N        (Dummy Multiplication)
  }
  return(A)
+33% process timing compared to the naive method
(Flow balance to be verified practically)
Avoid Vulnerabilities regarding SPA-SEMA
Example (continued):
Countermeasure No Branch: Design programs with constant flow
Montgomery Ladder Algorithm:
  A_0 = 1, A_1 = m
  for (i from 0 to L−1) do {
    A_{¬d_i} = A_{¬d_i} · A_{d_i} mod N
    A_{d_i} = A_{d_i}^2 mod N
  }
  return(A_0)
+33% process timing compared to the naive method
(Flow balance to be verified practically)
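The three exponentiation variants above in C, as an added example that is not code from the slides: every modular multiplication is counted, so the reader can see that the naive algorithm's operation count depends on the bits of d while the two balanced algorithms always perform two operations per bit. The arithmetic assumes moduli below 2^32 so that products fit in 64 bits.

```c
#include <stdint.h>

/* Modular multiplication for moduli below 2^32 (a*b fits in 64 bits);
   every call is counted so the three algorithms can be compared. */
static unsigned long g_mulmod_count = 0;

static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t N)
{
    g_mulmod_count++;
    return (a * b) % N;
}

static unsigned bit_length(uint64_t d)
{
    unsigned L = 0;
    while (d) { L++; d >>= 1; }
    return L;
}

/* d_i in the slides' convention: d = (d_0, d_1, ..., d_{L-1})_2, d_0 the MSB. */
static unsigned bit_msb_first(uint64_t d, unsigned L, unsigned i)
{
    return (unsigned)((d >> (L - 1 - i)) & 1u);
}

/* Naive binary algorithm: a multiplication happens only when d_i = 1,
   so the trace (and the operation count) reveals d. */
uint64_t naive_binary_exp(uint64_t m, uint64_t d, uint64_t N)
{
    unsigned L = bit_length(d);
    uint64_t A = 1 % N;
    for (unsigned i = 0; i < L; i++) {
        A = mulmod(A, A, N);
        if (bit_msb_first(d, L, i))
            A = mulmod(A, m % N, N);
    }
    return A;
}

/* Square and Multiply Always: the 0-bit branch does a dummy multiplication
   into B, so every iteration shows one squaring and one multiplication. */
uint64_t square_and_multiply_always(uint64_t m, uint64_t d, uint64_t N)
{
    unsigned L = bit_length(d);
    uint64_t A = 1 % N, B = 0;
    for (unsigned i = 0; i < L; i++) {
        A = mulmod(A, A, N);
        if (bit_msb_first(d, L, i))
            A = mulmod(A, m % N, N);
        else
            B = mulmod(A, m % N, N);   /* dummy, result discarded */
    }
    (void)B;
    return A;
}

/* Montgomery ladder: A_{not d_i} = A_{not d_i} * A_{d_i}; A_{d_i} = A_{d_i}^2.
   The same two operations run whatever the bit; only the register selected
   by the bit value changes, so there is no data-dependent branch. */
uint64_t montgomery_ladder(uint64_t m, uint64_t d, uint64_t N)
{
    unsigned L = bit_length(d);
    uint64_t R[2] = { 1 % N, m % N };     /* R[0] = A_0, R[1] = A_1 */
    for (unsigned i = 0; i < L; i++) {
        unsigned b = bit_msb_first(d, L, i);
        R[1 - b] = mulmod(R[1 - b], R[b], N);
        R[b] = mulmod(R[b], R[b], N);
    }
    return R[0];
}

typedef struct { uint64_t result; unsigned long mulmods; } exp_report;

/* Runs one of the three algorithms and reports the result together with the
   number of modular multiplications it performed. */
exp_report run_exp(uint64_t (*f)(uint64_t, uint64_t, uint64_t),
                   uint64_t m, uint64_t d, uint64_t N)
{
    exp_report r;
    g_mulmod_count = 0;
    r.result = f(m, d, N);
    r.mulmods = g_mulmod_count;
    return r;
}
```

For d = 22 = (10110)_2 the naive algorithm performs 5 squarings and 3 multiplications, while both balanced versions perform exactly 10 operations, the "+33%" overhead mentioned on the slides for a typical exponent.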
Avoid Vulnerabilities regarding DSCA
Rule: Given the power of an attacker, detect and remove the appearance of all intermediate sensitive values that could lead to the secret recovery.
Avoid Vulnerabilities regarding DSCA
Example: The attacker is able to exploit a Hamming weight leakage by CPA
  The attacker can choose the value of a byte X
  In the algorithm, X should be XORed with a sensitive byte Y
  1 The attacker acquires power traces for different input values
  2 The attacker localizes the targeted XOR, and synchronizes the curves on this operation
  3 For each of the 2^8 guesses, the attacker calculates the correlation coefficient between the Hamming weight of the XOR result and the samples of the acquired power traces
  4 The attacker can reduce the space of possible values for Y, if the correct guess gives one of the best scores
Avoid Vulnerabilities regarding DSCA
Countermeasure Secret Sharing:
  If the attacker has the power to realize a DSCA of order n−1
  If a sensitive value X is targeted
  The sensitive value X can be split into n random shares X_0, X_1, ..., X_{n−1}
Example: Additive sharing
  X = X_1 + X_2, where X_1 and X_2 are random values
  Only X_1 and X_2 are manipulated in the implementation
Example: Boolean sharing
  X = X_1 ⊕ X_2 ⊕ X_3, where X_1, X_2 and X_3 are random values
  Only X_1, X_2 and X_3 are manipulated in the implementation
Avoid Vulnerabilities regarding DSCA
Example: The attacker is able to exploit a Hamming weight leakage by CPA
  The attacker can choose the value of a byte X
  In the algorithm, X should be XORed with a sensitive byte Y
Program using the secret sharing countermeasure:
  Generate a random byte Z_0
  Z_1 = Y ⊕ Z_0
  Z_1 = Z_1 ⊕ X
  store Z_0 in RAM
  store Z_1 in RAM
  ...
⇒ the sensitive value Z = X ⊕ Y is shared among Z_0 and Z_1

Example: The attacker is able to exploit a Hamming distance (HD) leakage by CPA, against the same program
  Z_0 and Z_1 transit on the BUS successively: the BUS would pass from Z_0 to Z_1, so the Hamming distance is HW(Z_0 ⊕ Z_1) = HW(Z), i.e. the sensitive value Z leaks again
  ...
Avoid Vulnerabilities regarding DSCA
Countermeasure Blinding - Randomization (Mathematical Context): Randomize a variable X into a random data X' such that good mathematical properties are kept (the result can be recovered), and the targeted value does not appear.
Avoid Vulnerabilities regarding DSCA
Example: Group exponentiation in ((Z/NZ)*, ×), S = m^d mod N, d is sensitive
  The attacker is able to choose values for m
  The attacker is able to exploit a Hamming weight model leakage on successive powers of m mod N
  The attacker performs a DPA for each bit of d, building 2 sets depending on the Hamming weight (high or small) of some bytes of the targeted intermediate powers of m
Program using the Blinding countermeasure:
  Generate R a random number
  N' = N · R
  S' = m^d mod N'
  S = S' mod N
Avoid Vulnerabilities regarding DSCA
Example: We define a group G as follows:
  E: { (x, y) ∈ F_p × F_p : y^2 = x^3 + ax + b mod p } with p prime, and 4a^3 + 27b^2 mod p ≠ 0
  We define an addition law over E: P + Q = R
    if P ≠ Q, R' is the intersection of the line passing through P and Q with E; R is the opposite of R' regarding the x axis
    if P = Q, R' is the intersection of the tangent of E in P with E; R is the opposite of R' regarding the x axis
  We define ∞ such that P + ∞ = P, ∀P ∈ E. If the line passing through P and Q has no other intersection with E, then P + Q = ∞ (or P + P = ∞)
  G ⊂ E, G = <g>, s.t. n.g = ∞, n a large prime
  These groups are commonly used in cryptography
Avoid Vulnerabilities regarding DSCA
Example (continued): We consider the point multiplication S = d.M, d is a sensitive value, M ∈ G, d ∈ N
  The attacker is able to choose values for the point M
  The attacker is able to exploit a Hamming weight model leakage of the x-coordinate of successive multiples of M
  The attacker performs a DPA for each bit of d, building 2 sets depending on the x-coordinate Hamming weight (high or small) of some bytes of the targeted intermediate multiples of M
Program using the Blinding countermeasure:
  Generate r a random number
  d' = d + (n · r)
  S = d'.M
Avoid Vulnerabilities regarding DSCA
Coming back to the previous example:
  1 The attacker acquires power traces for different input values
  2 The attacker localizes the targeted XOR operation, and synchronizes the curves on this operation
  3 For each of the 2^8 guesses, the attacker calculates the correlation coefficient between the Hamming weight of the XOR result and the acquired power traces
  4 The attacker can reduce the space of possible values for Y, if the correct guess gives one of the best scores
⇒ One critical step for the attacker is the timing localization of a specific sensitive operation, and its synchronization over multiple traces.
Avoid Vulnerabilities regarding DSCA
Rule: Remove the possibility for an attacker to find "easily" a sensitive manipulation. Remove also the possibility to synchronize "easily" this manipulation over multiple traces.
Avoid Vulnerabilities regarding DSCA
Countermeasure Desynchronization: Introduce dummy events of random duration, before and/or after the targeted manipulation.
Example: Program using the desynchronization (sensitive XOR X ⊕ Y):
  Generate a random R
  i = 0
  while ((++i) != R) dummy operation
  Z = X ⊕ Y
  ...
Avoid Vulnerabilities regarding DSCA
Countermeasure Order Randomization of Operations: Perform operations in an unpredictable order, different each time, to avoid an easy synchronization on sensitive events.
Example: Program using the Order Randomization of Operations (sensitive XORs X_i ⊕ Y_i, i = 0...7):
  for i from 0 to 7 in random order
    Z_i = X_i ⊕ Y_i
⇒ Harder for the attacker to locate the XOR for a specific index.
Avoid Vulnerabilities regarding FA-DFA
Example: Program disturbance
Program for a PIN verification:
  if ENTERED_PIN = STORED_PIN then GrantAccess()
  else Mute()
Normal behavior: The user enters a wrong PIN, Mute() is executed.
Faulty behavior: The user enters a wrong PIN, the program is disturbed:
  if ENTERED_PIN = STORED_PIN then   ← Fault injected
    GrantAccess()
  else Mute()
Avoid Vulnerabilities regarding FA-DFA
Rule: Remove the possibility for an attacker to find "easily" the key timing in the program for an exploitable fault injection.
See previous countermeasures.
Avoid Vulnerabilities regarding FA-DFA
Rule: Be careful when fake operations are executed or not depending on the secret value.
Avoid Vulnerabilities regarding FA-DFA
Example: Square and Multiply Always Algorithm:
  A = 1
  for (i from 0 to L−1) do {
    A = A · A mod N
    if d_i = 1 then A = A · m mod N     ← Fault injected here: a real multiplication
    else B = A · m mod N                ← Fault injected here: a fake multiplication
  }
  return(A)
If the attacker introduces a fault in a real multiplication, the result is faulty.
If the attacker introduces a fault in a fake multiplication, the result is safe.
Avoid Vulnerabilities regarding FA-DFA
Rule: Put error detectors in the code to guarantee the correct execution of the program.
Avoid Vulnerabilities regarding FA-DFA
Countermeasure Consistency check: Use verifications of consistency. Check that the program executes and ends as expected.
Example: Program using a consistency check (inverse operation):
  C = AES_128_encrypt(P, K)
  X = AES_128_decrypt(C, K)
  if X ≠ P then "Fault Detected"
There are many ways of checking consistency.
RSA-CRT system
RSA-CRT parameters:
  (N, e) Public key
  (p, q, d_p, d_q, i_q) Private key
  such that
    N = p · q, (p, q large primes)
    gcd((p − 1), e) = 1
    gcd((q − 1), e) = 1
    d_p = e^{−1} mod (p − 1)
    d_q = e^{−1} mod (q − 1)
    i_q = q^{−1} mod p
Application examples for RSA-CRT
Process of a naive RSA-CRT signature
Input: m, p, q, d_p, d_q, i_q, N
  m_p = m mod p              ← Vulnerability to TA
  S_p = m_p^{d_p} mod p
  m_q = m mod q              ← Vulnerability to TA
  S_q = m_q^{d_q} mod q
  S = S_q + q · (i_q · (S_p − S_q) mod p)
  return S
An attacker could proceed by dichotomy to find min(p, q):
⇒ If m < min(p, q), no modular reduction
⇒ If m ≥ min(p, q), modular reduction
Application examples for RSA-CRT
Process of a naive RSA-CRT signature (+ Vulnerability Corrected)
Input: m, p, q, d_p, d_q, i_q, N
  m = m + N
  m_p = m mod p
  S_p = m_p^{d_p} mod p
  m_q = m mod q
  S_q = m_q^{d_q} mod q
  S = S_q + q · (i_q · (S_p − S_q) mod p)
  return S
⇒ Whatever m, a modular reduction takes place.
Application examples for RSA-CRT
Process of a naive RSA-CRT signature
Input: m, p, q, d_p, d_q, i_q, N
  m_p = m mod p
  S_p = m_p^{d_p} mod p
  m_q = m mod q
  S_q = m_q^{d_q} mod q
  compute the intermediate i_q · (S_p − S_q) mod p     ← Let us consider the sensitivity of this intermediate to DSCA
  S = S_q + q · (i_q · (S_p − S_q) mod p)
  RETURN(S)
Application examples for RSA-CRT
DSCA on the recombination in RSA-CRT
  1 The attacker makes several acquisitions and collects the signature results
  2 The attacker tries to discover q byte per byte from MSB to LSB (most to least significant)
  3 The attacker makes a hypothesis for the i-th byte: b = 2^8 · b + hypothesis(q_i) (starting from b = 0)
  4 The attacker computes the quotient S / b
  5 The attacker tries to correlate this quotient with the intermediate i_q · (S_p − S_q) mod p when it is manipulated in the recombination
  6 If the guess for the byte is correct, the quotient values are highly correlated with that intermediate
Application examples for RSA-CRT
Process of a naive RSA-CRT signature (+ Vulnerability Corrected)
Input: m, p, q, d_p, d_q, i_q, N, e
  m_p = m mod p
  S_p = m_p^{d_p} mod p
  m_q = m mod q
  S_q = m_q^{d_q} mod q
  i_p = p^{−1} mod q
  S = (p · i_p · S_q + q · i_q · S_p) mod N
  RETURN(S)
⇒ Remove the appearance of the intermediate i_q · (S_p − S_q) mod p by using Gauss' formula for the recombination.
Application examples for RSA-CRT
Process of a naive RSA-CRT signature (with FA effect)
Input: m ∈ Z_N, p, q, d_p, d_q, i_q
  m_p = m mod p
  S_p = m_p^{d_p} mod p        ← Fault Injection
  m_q = m mod q
  S_q = m_q^{d_q} mod q
  S̃ = S_q + q · (i_q · (S_p − S_q) mod p)
  return S̃
⇒ Vulnerability to FA: gcd(S̃ − S mod N, N) = q
Application examples for RSA-CRT
Process of a naive RSA-CRT signature (with FA effect)
Why gcd(S̃ − S mod N, N) = q ?
  S̃ is s.t. S̃ ≡ S mod q and S̃ ≠ S mod p
  S̃ − S mod N is s.t. (S̃ − S mod N) ≡ 0 mod q and (S̃ − S mod N) ≠ 0 mod p
⇒ S̃ − S mod N is a multiple of q (and not of p)
Application examples for RSA-CRT
Process of a naive RSA-CRT signature (+ Vulnerability Corrected)
Input: m, p, q, d_p, d_q, i_q, N, e
  m_p = m mod p
  S_p = m_p^{d_p} mod p
  m_q = m mod q
  S_q = m_q^{d_q} mod q
  S = S_q + q · (i_q · (S_p − S_q) mod p)
  if (S^e mod N = m) RETURN(S) else "Fault Detected"
Use a consistency check with the inverse operation.
Application examples for RSA-CRT
Process of a naive RSA-CRT signature (+ Shamir CM against FA), e not available
Input: m, p, q, d_p, d_q, i_q, N
  select t a small random
  compute d s.t. d mod (p − 1) = d_p and d mod (q − 1) = d_q
  m_p = m mod pt
  S_pt = m_p^d mod pt
  m_q = m mod qt
  S_qt = m_q^d mod qt
  S_p = S_pt mod p, S_q = S_qt mod q
  S = S_q + q · (i_q · (S_p − S_q) mod p)
  if (S_pt mod t = S_qt mod t) RETURN(S) else "Fault Detected"
Use a consistency check with modulus extension.
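The RSA-CRT signature with the TA fix (m + N) and the inverse-operation consistency check from the slides, as an added C example that is not code from the presentation. The key is a constructed toy key with 15-bit primes so that all arithmetic fits in 64 bits; the "fault" is a constructed model (one bit of S_p flipped). The last function reproduces the slides' gcd observation to show why a faulty signature must never leave the device.

```c
#include <stdint.h>

/* Toy arithmetic: moduli stay below 2^32 so a*b fits in 64 bits. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n) { return (a * b) % n; }

static uint64_t powmod(uint64_t base, uint64_t exp, uint64_t n)
{
    uint64_t r = 1 % n;
    base %= n;
    while (exp) {
        if (exp & 1) r = mulmod(r, base, n);
        base = mulmod(base, base, n);
        exp >>= 1;
    }
    return r;
}

static uint64_t gcd64(uint64_t a, uint64_t b)
{
    while (b) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

/* a^{-1} mod n by the extended Euclidean algorithm (gcd(a, n) = 1 assumed). */
static uint64_t invmod(uint64_t a, uint64_t n)
{
    int64_t t = 0, newt = 1, r = (int64_t)n, newr = (int64_t)(a % n);
    while (newr) {
        int64_t qt = r / newr, tmp;
        tmp = t - qt * newt; t = newt; newt = tmp;
        tmp = r - qt * newr; r = newr; newr = tmp;
    }
    return (uint64_t)(t < 0 ? t + (int64_t)n : t);
}

typedef struct { uint64_t p, q, dp, dq, iq, N, e; } rsa_crt_key;

/* Constructed toy key (15-bit primes, far too small for real use). */
rsa_crt_key toy_key(void)
{
    rsa_crt_key k;
    k.p = 32749; k.q = 32771; k.e = 65537;
    k.N = k.p * k.q;
    k.dp = invmod(k.e, k.p - 1);     /* d_p = e^-1 mod (p-1) */
    k.dq = invmod(k.e, k.q - 1);     /* d_q = e^-1 mod (q-1) */
    k.iq = invmod(k.q, k.p);         /* i_q = q^-1 mod p */
    return k;
}

/* RSA-CRT signature as on the slides, with the TA fix m' = m + N so the
   reductions mod p and mod q always take place. inject_fault != 0 flips one
   bit of S_p: a constructed model of a disturbed exponentiation. */
uint64_t crt_sign_raw(const rsa_crt_key *k, uint64_t m, int inject_fault)
{
    uint64_t mm = m + k->N;
    uint64_t Sp = powmod(mm % k->p, k->dp, k->p);
    uint64_t Sq = powmod(mm % k->q, k->dq, k->q);
    if (inject_fault)
        Sp = (Sp ^ 1u) % k->p;
    /* S = S_q + q * (i_q * (S_p - S_q) mod p) */
    uint64_t diff = (Sp + k->p - (Sq % k->p)) % k->p;
    return Sq + k->q * mulmod(k->iq, diff, k->p);
}

/* Consistency check with the inverse operation: the signature is released
   only if S^e mod N == m. Returns 1 and sets *S, or 0 for "Fault Detected"
   with *S left untouched. */
int crt_sign_checked(const rsa_crt_key *k, uint64_t m, int inject_fault, uint64_t *S)
{
    uint64_t cand = crt_sign_raw(k, m, inject_fault);
    if (powmod(cand, k->e, k->N) != m % k->N)
        return 0;
    *S = cand;
    return 1;
}

/* Returns S^e mod N for the checked signature of m (== m when accepted),
   or 0 when the check rejected the candidate. */
uint64_t verify_roundtrip(uint64_t m, int inject_fault)
{
    rsa_crt_key k = toy_key();
    uint64_t S = 0;
    if (!crt_sign_checked(&k, m, inject_fault, &S)) return 0;
    return powmod(S, k.e, k.N);
}

/* Why the check is mandatory: a correct and a faulty signature of the same m
   differ by a multiple of q, so gcd(S~ - S mod N, N) = q. */
uint64_t factor_from_faulty_pair(uint64_t m)
{
    rsa_crt_key k = toy_key();
    uint64_t S = crt_sign_raw(&k, m, 0), Sf = crt_sign_raw(&k, m, 1);
    return gcd64((Sf + k.N - S) % k.N, k.N);
}
```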
Application examples for AES-128
Process of a naive AES-128
Input: K = 16-byte Key, P = 16-byte Plaintext
  State ← P
  RoundKey ← K
  AddRoundKey(State, RoundKey)       ← Considering sensitivity to DSCA
  Round ← 0
  while (Round < 9) {
    SubBytes(State)
    ShiftRow(State)
    MixColumn(State)
    KeySchedule(RoundKey, Round)
    AddRoundKey(State, RoundKey)
    Round++
  }
  SubBytes(State)
  ShiftRow(State)
77 Application examples for AES-128
Secret sharing and AddRoundKey:
Split the state S = S_0, S_1, ..., S_15 into 2 shares S1 and S2 s.t. S = S1 ⊕ S2
Thus the AddRoundKey operation on state S = S_0, S_1, ..., S_15 can be performed on one of the 2 shares only: e.g. S1 = S1 ⊕ K
Values of S1 and S2 before and after AddRoundKey are not predictable
79 Application examples for AES-128
Process of a naive AES-128
Input: K = 16-byte Key, P = 16-byte Plaintext
State <- P
RoundKey <- K
AddRoundKey(State, RoundKey)
Round <- 0
while (Round < 9) {
  SubBytes(State)    <- Considering sensitivity to DSCA at round 0
  ShiftRow(State)
  MixColumn(State)
  KeySchedule(RoundKey, Round)
  AddRoundKey(State, RoundKey)
  Round++
}
SubBytes(State)
ShiftRow(State)
80 Application examples for AES-128
The SubBytes operation:
Apply 16 times (once per byte) a non-linear operation: {0,1}^8 -> {0,1}^8
Can be seen as an inversion in GF(2^8) composed with an affine transformation
Can be implemented as a Look-Up Table (LUT) of 256 bytes
81 Application examples for AES-128
Secret sharing and SubBytes with LUT: the basic method
Split the 16-byte state S = S_0 S_1 ... S_15 into 2 shares maskedS and T: S = maskedS ⊕ T, with the 16-byte parameter T = X X ... X, X ∈ [0, 255]
The SubBytes operation on state S = S_0, S_1, ..., S_15 can be performed on the share maskedS, but with a modified Substitution Box (pre-computation):
for y from 0 to 255: Sbox'[y ⊕ X] = Sbox[y] ⊕ X
⇒ Requires 256 extra bytes in RAM
⇒ There are much more elaborate methods
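The two shared operations described above (AddRoundKey on one share, slide 77; SubBytes through the re-computed table Sbox'[y ⊕ X] = Sbox[y] ⊕ X, slide 81), as an added example that is not the slide deck's code. It rebuilds the S-box from its definition on slide 80 (inversion in GF(2^8) then the affine map) instead of pasting the 256-byte table, uses one mask byte X for all 16 positions as the basic method requires, and checks the masked path against the unprotected one; the state, key and mask values are constructed for the example.

```python
# Added example, not the slide deck's code: first-order Boolean masking of
# AddRoundKey and of SubBytes with a re-computed S-box, as on the slides.
# The S-box is derived from its definition (inversion in GF(2^8) followed
# by the affine map) instead of being pasted as a 256-byte table.
import secrets


def gf_mul(a, b):
    """Multiplication in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r & 0xFF


def gf_inv(a):
    """a^254 = a^-1 in GF(2^8); 0 maps to 0 as in the AES definition."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a, e = gf_mul(a, a), e >> 1
    return r


def affine(b):
    """The AES affine map: b ^ rotl1 ^ rotl2 ^ rotl3 ^ rotl4 ^ 0x63."""
    rot = lambda x, n: ((x << n) | (x >> (8 - n))) & 0xFF
    return b ^ rot(b, 1) ^ rot(b, 2) ^ rot(b, 3) ^ rot(b, 4) ^ 0x63


SBOX = [affine(gf_inv(x)) for x in range(256)]


def masked_sbox(x):
    """Pre-computation from the slide: Sbox'[y ^ X] = Sbox[y] ^ X, so a
    byte masked with X goes in and comes out still masked with X.
    Costs the 256 extra bytes of RAM the slide mentions."""
    table = [0] * 256
    for y in range(256):
        table[y ^ x] = SBOX[y] ^ x
    return table


def split_state(state, x):
    """S = maskedS ^ T with T = X X ... X (same mask byte in all 16 positions)."""
    masked = bytes(s ^ x for s in state)
    t = bytes([x] * 16)
    return masked, t


def masked_add_round_key(masked, t, key):
    """AddRoundKey is applied to one share only; T is untouched."""
    return bytes(a ^ k for a, k in zip(masked, key)), t


def masked_sub_bytes(masked, t, x):
    """SubBytes on the masked share through Sbox'; T is untouched."""
    table = masked_sbox(x)
    return bytes(table[b] for b in masked), t


def unmask(masked, t):
    return bytes(a ^ b for a, b in zip(masked, t))


def masked_round0_and_sub_bytes(state, key, x=None):
    """Round-0 AddRoundKey followed by the first SubBytes, both computed on
    shares; the key-dependent value S ^ K never appears in the clear."""
    if x is None:
        x = secrets.randbelow(256)     # fresh mask for every execution
    masked, t = split_state(state, x)
    masked, t = masked_add_round_key(masked, t, key)
    masked, t = masked_sub_bytes(masked, t, x)
    return unmask(masked, t)


def reference_round0_and_sub_bytes(state, key):
    """Unprotected computation, used only to check the masked path."""
    return bytes(SBOX[s ^ k] for s, k in zip(state, key))


if __name__ == "__main__":
    state = bytes(range(16))           # constructed plaintext block
    key = bytes(range(16, 32))         # constructed round key
    assert masked_round0_and_sub_bytes(state, key) == reference_round0_and_sub_bytes(state, key)
    print("masked and unmasked SubBytes agree")
```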
83 Conclusion
It is not always easy to verify that a countermeasure is effective
By Code Audit
  But the compiler could remove countermeasures
  But the cache could create vulnerabilities
By Practical Realization of the Attacks
  It may be costly to realize all possible attacks
  But if no vulnerability is found, was the attack set-up effective?
84 Conclusion
It is not always easy to verify that a countermeasure is effective
Hand Methods
  List exhaustively all intermediate variables (regarding DSCA)
  List exhaustively all fault effects (regarding FA)
  How to be confident that the list is exhaustive?
Towards the usage of Formal Methods
  Use trusted provers to prove the resistance
  For now, mainly used for fault resistance assessment only
  ⇒ Difficult to guarantee that the abstraction level is correct
  ⇒ The proof is often correct only for a specific implementation (HW specific)
85 Conclusion
It is not always easy to identify the assets
Assets may be different depending on the application
RSA signature: S = m^d mod N
RSA decipher: S = m^d mod N
88 Conclusion
It is not always easy to identify the assets
Assets may be different depending on the application
RSA cipher: m = S^e mod N
RSA verification: m = S^e mod N
  Comparison that comes after
89 Conclusion
It is not always easy to identify all attack paths
All existing attacks should be considered: the list is huge
Attacks are always in motion, new ones appear regularly
90 Some must-read references (not exhaustive)
On the Importance of Eliminating Errors in Cryptographic Computations, Boneh et al., Bellcore Report, 96
Method and apparatus for protecting PK schemes from timing and fault attacks, Shamir, 97
DPA, Kocher et al., CHES 99
Timing Attacks on Implementations of DH, RSA, DSS, and Other Systems, Kocher et al., 99
DES and DPA: the "Duplication" Method, Goubin et al., CHES 99
Resistance against DPA for ECC, Coron et al., CHES 99
91 Some must-read references (not exhaustive)
PKCS#1: RSA Cryptographic Standard, RSA Laboratory
ANSI X9.63, Public Key Cryptography for the Financial Industry
FIPS 197: AES, NIST, 01
A Sound Method for Switching between Boolean and Arithmetic Masking, Goubin et al., CHES 01
The Montgomery Powering Ladder, Joye et al., CHES 02
DFA on AES, Dusart et al., 03
CPA with a leakage model, Brier et al., CHES
Hardware Security Debdeep Mukhopadhyay Secured Embedded Architecture Laboratory (SEAL) Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Kharagpur, West Bengal, INDIA
More informationFault Sensitivity Analysis
Fault Sensitivity Analysis Yang Li 1, Kazuo Sakiyama 1, Shigeto Gomisawa 1, Toshinori Fukunaga 2, Junko Takahashi 1,2, and Kazuo Ohta 1 1 Department of Informatics, The University of Electro-Communications
More informationTHE FINITE LAB-TRANSFORM (FLT) Peter Lablans
THE FINITE LAB-TRANSFORM (FLT) Peter Lablans Warning: The subject matter of this article is, at least partially, protected by Copyright Registration and by issued patents and pending patent applications.
More information