Fault-Based Attack of RSA Authentication

Fault-Based Attack of RSA Authentication, Valeria Bertacco and Todd Austin 1

Cryptography: Applications 2

Value of Cryptography $2.1 billions 1,300 employees $1.5 billions 4,000 employees $8.7 billions 15,500 employees $24.5 billions 24,300 employees From Bloomberg News 3

Outline Cryptography Introduction RSA authentication Attacks to RSA authentication OpenSSL implementation Private key extraction Fault injection Conclusions 4

What is Secure Communication? m Insecure medium How do we enable authenticated communication? 5

Asymmetric Cryptography Insecure medium 6

Asymmetric Cryptography m s Insecure medium m 7

Asymmetric Cryptography Insecure medium m m s 8

RSA Keys
The protocol is based on two number pairs, called keys
1. Chooses two large prime numbers p & q
2. Computes n = p*q
3. Chooses two numbers, d & e such that: d*e = 1 mod ((p-1)(q-1))
   Effect: m^(de) mod n = m mod n
4. Keeps (d,n) as his secret private key
5. Advertises (e,n) as his public key
Private key (d,n) | Insecure medium | Public key (e,n)
9

RSA Authentication
Correct Authentication:
  Server challenge: s = m^d mod n
  Client verifies: m = s^e mod n
Private Key (d,n) | Public Key (e,n)
10

Are These Algorithms Secure? (i.e., cryptanalysis)
Attack the algorithm by guessing the key: time consuming (> age of Universe)
  13506641086599522334960 32162788059699388814756 05667027524485143851526 51060485953383394028715 05719094417982072821644 71551373680419703964191 74304649658927425623934 10208643832021103729587 25762358509643110564073 50150818751067659462920 55636855294.
Attack the implementation
  Side-channel: by monitoring side effects
  Fault-based: a faulty processor may leak secrets
12

Attack the Algorithm
In 2009 Thorsten Kleinjung et al. factorized a 768-bit RSA key:
  1230186684530117755130494958384962720772853569595334792197
  3224521517264005072636575187452021997864693899564749427740
  6384592519255732630345373154826850791702612214291346167042
  9214311602221240479274737794080665351419597459856902143413
  =
  3347807169895689878604416984821269081770479498371376856891
  2431388982883793878002287614711652531743087737814467999489
  *
  3674604366679959042824463379962795263227915816434308764267
  6032283815739666511279233373417143396810270092798736308917
Factoring a 1024-bit RSA modulus would be about a thousand times harder
we will not be able to factor a 1024-bit RSA modulus within the next five years
From Factorization of a 768-bit RSA modulus, Kleinjung et al.
13

Side-Channel Attacks
Gain information from the implementation of a cryptosystem
Measure computation time to extract information about the algorithm's inputs: 1024-bit RSA key extracted in 2 hours
  From Remote timing attacks are practical, Brumley and Boneh
Monitor dynamic power of a cryptosystem to extract secrets
  From Differential Power Analysis, Kocher et al.
14

Fault-Based Attacks
Cause errors in the system: a faulty computer may leak secrets
Theoretical on some RSA implementations
  Chinese Remainder Theorem
  Left-to-right exponentiation
Demonstrated on simple components
  Smart Cards & Microcontrollers
From On the Importance of Checking Computations, Boneh et al.
From Fault attacks on RSA with CRT: Concrete results and practical countermeasures, Aumuller et al., and A practical fault attack on square and multiply, Schmidt et al.
15

Our Contribution
First fault-based attack on a complete unmodified system
Discovered vulnerability in OpenSSL
1024-bit secret key extracted in 100 hours
Faults manifest on the multiplier of the CPU
16

Faulty RSA Authentication
Correct Authentication (Private Key (d,n), Public Key (e,n)):
  Server challenge: s = m^d mod n
  Client verifies: m = s^e mod n
Faulty Server (Private Key (d,n), Public Key (e,n)):
  ŝ != m^d mod n
18

Computing: s = m^d mod n
Fixed Window Exponentiation, used in OpenSSL
The algorithm partitions the exponent into windows: d = 110110110001 110110010101
    s = 1
    for each window:
        for each bit in window:    // 4 times
            s = (s * s) mod n
        s = (s * m^d[window]) mod n
    return s
19

Computing: s = m^d mod n
d = 214 = 1101 0110
    s = 1
    for each window:
        for each bit in window:    // 4 times
            s = (s * s) mod n
        s = (s * m^d[window]) mod n
    return s
Start:    s = 1
Window 1: s = m^1101
Window 2: s = ((((m^1101)^2)^2)^2)^2 * m^0110
20

Faulty Signature: ŝ != m^d mod n
d = 214 = 1101 0110
    s = 1
    for each window:
        for each bit in window:    // 4 times
            s = (s * s) mod n
        s = (s * m^d[window]) mod n
    return s
Start:    s = 1
Window 1: s = m^1101
Window 2: ŝ = ((((m^1101)^2)^2 ± 2^f)^2)^2 * m^0110
21

Retrieving the Private Key
The attacker collects the faulty signatures
  Private Key | m | ŝ ŝ ŝ ŝ | Public Key
The private key is recovered one window at a time
  d= d3 X X d2 X d1 X d0
The attacker checks its guess against the collected signatures
23

Reconstructing the Signature
The private key is recovered one window at a time, guessing where and when the fault hits
  d= dk X dk-1 X X
  ŝ = ( ... ( ((( ((( (m^d_k)^64 * m^d_(k-1) )^2)^2)^2 ± 2^f )^2)^2)^2 * m^d_(k-2) )^64 ... ) * m^d_0
  d_k, d_(k-1): already known
  d_(k-2): value?
  Position of ± 2^f among the squarings: which multiplication?
  f: which bit?
Extend the window if no signature can confirm the value of the guess
24

Offline Analysis
With a sufficient number of corrupted signatures the attack is polynomial with respect to the length of the key
  ŝ = ( ... ( ((( ((( (m^d_k)^64 * m^d_(k-1) )^2)^2)^2 ± 2^f )^2)^2)^2 * m^d_(k-2) )^64 ... ) * m^d_0
  (already known: d_k, d_(k-1); value? d_(k-2); which multiplication? which bit?)
For each window value guessed and signature we test:
  1024 error positions
  2 error values (0→1 or 1→0)
  6 squaring iterations
Performing this check takes about 100 seconds
In the worst case we have 2^6 values to check!
25

Correct Sequential Circuit How can we inject faults in a digital system? Vdd Register Combinational logic Register 27

Faulty Sequential Circuit
How can we inject faults in a digital system?
  Vdd | Register | Combinational logic | Register
The lower the voltage, the less energy the electric signals have in traversing the logic cloud
28

Fault Injection Mechanisms
How to make hardware fail:
  Lower voltage causes signals to slow down, thus missing the deadline imposed by the system clock
  High temperatures increase signal propagation delays
  Over-clocking shortens the allowed time for traversing the logic cloud
  Natural particles cause internal signals to change value, causing errors
All these sources of errors can be controlled to tune the fault injection rate and target some units in the design
29

Experimental Platform Leon3 30

Physical Attack
8,800 corrupted signatures collected in 10 hours
RSA 1024-bit private key, 6-bit window
Distributed application with 81 machines for offline analysis
Private key recovered in 100 hours
31

Attacked Hardware: Leon3
Block diagram: register file, 7-stage integer pipeline, caches, Memory Management Unit, AMBA bus, serial port, Ethernet
We attacked a System-on-Chip on an FPGA
The Leon3 is used for a variety of applications (from small embedded systems to airplanes)
The critical path of the Leon3 is through the multiplier
32

Fault Rate
A corrupted signature leaks data only if one multiplication is corrupted by a single bit flip
[Plot: single bit faults (%) and faulty products (%) versus voltage [V], 1.30 down to 1.23; series: single bit faults, faulty multiplications]
33

Fault Distribution
The attacked algorithm uses 6-bit windows: any of the 6 squaring iterations has the same probability to fail
[Plot: occurrences versus squaring iteration, 0 to 5]
34

Fault Position
The faults affect some bit positions more than others, proving that the critical path of the multiplier is failing
[Plot: occurrences versus bit position [0-1023]]
35

Offline Analysis
In practice 40 bit positions are typically affected by faults
  the computation time is reduced to 2.5 seconds
Analyzing 8,800 corrupted signatures requires 1 CPU-year
Signatures can be checked in parallel
Using 80 servers the 1024-bit key was retrieved in 104 hours
36

Conclusions
Faults can leak vital private key data
  Never assume that an attack is impossible
Fault-based attack devised for OpenSSL
  Fixed Window Exponentiation algorithm
  Patch for OpenSSL is coming
Attack demonstrated on a complete physical Leon3 SPARC system
37

Take Away for the Security Conscious
Always keep OpenSSL and all cryptographic libraries updated
Always make sure that the HW is working in proper conditions
  Do not overclock
  Cool the system properly
  Avoid power fluctuations
A computer system operating outside its nominal conditions might not fail dramatically: however, silent data corruptions are even more dangerous
38

Questions? For more information: apellegrini@umich.edu Prof. Valeria Bertacco valeria@umich.edu Prof. Todd Austin austin@umich.edu 39

RSA Authentication in OpenSSL
OpenSSL 0.9.8i, crypto/rsa/rsa_eay.c:
    ...
    /* First compute the signature I of r0 with the
     * Chinese Remainder Theorem. */
    crt_mod_exp(r0,I,d,n)
    ...
    bn_mod_exp(vrfy,r0,e,n);
    ...
    BN_sub(vrfy, vrfy, I);
    ...
    if (!BN_is_zero(vrfy)) {
        /* I and vrfy aren't congruent mod n. Don't leak
         * miscalculated CRT output, just do a raw (slower)
         * mod_exp and return that instead. */
        ...
        bn_mod_exp(r0,I,d,n);
        return 1;
40
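
Added example (not from the slides and not OpenSSL code): the fixed-window exponentiation from the "Computing: s = m^d mod n" slides with an optional simulated single-bit fault in one squaring, next to a signer that verifies s^e = m before releasing the result, the pattern shown in the rsa_eay.c excerpt. The toy primes, the 4-bit window, the function names and the fault tuple are assumptions made for illustration.

```python
# Added illustration: toy key, no padding; not OpenSSL code.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537     # constructed toy primes (Mersenne)
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))         # d*e = 1 mod ((p-1)(q-1))
W = 4                                      # window size used on the d=214 slide


def fixed_window_exp(m, d, n, w=W, fault=None):
    """Return m^d mod n with left-to-right fixed windows.

    fault=(window, squaring, bit) flips one bit of one squaring result,
    modelling the single-bit multiplier error (+/- 2^f) from the slides.
    """
    nwin = max(1, -(-d.bit_length() // w))          # ceil(bits / w)
    table = [pow(m, i, n) for i in range(1 << w)]   # m^0 .. m^(2^w - 1)
    s = 1
    for k in range(nwin):
        for j in range(w):
            s = (s * s) % n
            if fault is not None and fault[:2] == (k, j):
                s ^= 1 << fault[2]                  # injected bit flip
        window = (d >> ((nwin - 1 - k) * w)) & ((1 << w) - 1)
        s = (s * table[window]) % n
    return s


def sign_checked(m, d=D, e=E, n=N, fault=None):
    """Verify before release: a signature that fails s^e == m never leaves."""
    s = fixed_window_exp(m, d, n, fault=fault)
    if pow(s, e, n) != m % n:
        s = fixed_window_exp(m, d, n)     # recompute (fault assumed transient)
        if pow(s, e, n) != m % n:
            raise RuntimeError("signature failed verification twice")
    return s


if __name__ == "__main__":
    m = 0x1234567                                    # constructed challenge
    bad = fixed_window_exp(m, 214, N, fault=(1, 3, 5))
    print("d=214 matches pow():", fixed_window_exp(m, 214, N) == pow(m, 214, N))
    print("faulty result differs:", bad != pow(m, 214, N))
    print("checked output verifies:", pow(sign_checked(m, fault=(0, 2, 7)), E, N) == m)
```

The second verification matters because a recomputation on hardware that is still outside nominal conditions can be corrupted again; failing closed keeps any corrupted value from reaching the client.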