le lejla ba batin ina
play

Le Lejla Ba Batin ina Digital Security Group Institute for - PowerPoint PPT Presentation

Feb 23, 2023 •331 likes •851 views

Side-channel attacks in the wild: recent advances and countermeasures Le Lejla Ba Batin ina Digital Security Group Institute for Computing and Information Sciences (ICIS) Radboud University Nijmegen CROSSING SUMMER SCHOOL Darmstadt,

  1. Side-channel attacks in the wild: recent advances and countermeasures Le Lejla Ba Batin ina Digital Security Group Institute for Computing and Information Sciences (ICIS) Radboud University Nijmegen CROSSING SUMMER SCHOOL Darmstadt, September 12, 2019

  2. Crypto: theory vs physical reality fault timing injection Side- channels sound power Algorithms are (supposed to be) Implementations leak in theoretically secure physical world R. Anderson and M. Kuhn, P. Kocher, 1996 2

  3. Side-channel security before • Tempest – known since early 1960s that computers generate EM radiation that leaks info about the data being processed – first evidence in 1943: an engineer using a Bell telephone noticed that a digital oscilloscope spiked for every encrypted letter – declassified in 2008 – van Eck phreaking in 1985 • In 1965, MI5 put a microphone near the rotor-cipher machine used by the Egyptian Embassy, the click-sound the machine produced was analyzed to deduce the core position of the machines rotors 3

  4. New Tempest 4

  8. Outline • Implementations of security != secure implementations • Side-channel analysis – Power analysis attacks – Other side-channels: EM • Countermeasures • A real-world example: hacking EdDSA in WolfSSL • Recent developments 8

  9. (In)security of Embedded Systems � Researchers have extracted information from nothing more than the reflection of a computer monitor off an eyeball or the sounds emanating from a printer. � Scientific American, May 2009. http://www.theregister.co.uk/2016/06/04/sidechannel_encryp tion_theft/ � Using EM measurements, we were able to fully extract secret signing keys from OpenSSL and CoreBitcoin running on iOS devices. We also showed partial key leakage from OpenSSL running on Android…, March 2016 . https://www.cs.tau.ac.il/~tromer/mobilesc/ 9

  10. SCA in the news - recent

  11. Embedded cryptographic devices Embedded security: - resource limitation - physical accessibility 11

  12. The goals of attackers • Secret keys/data • Unauthorized access • IP/piracy • (Location) privacy • (Theoretical) cryptanalysis • Reverse engineering • Finding backdoors in chips • … 12

  13. Some real-world attacks • Remote keyless entry system for cars KeeLoq and buildings was hacked in 2008 – KeeLoq: eavesdropping from up to 100 m – remote can be cloned from only 10 power traces – practical key recovery in few minutes • Mifare DESFire MF3ICD40 cracked in 2011 – contactless card used in transit in San Francisco, Australia, and the Czech Republic, also adopted by NASA in 2004 • Acoustic cryptanalysis – Attacking a computer by listening to the high-pitched (10 to 150 KHz) sounds produced as it decrypts data – Extracted 4096-bit RSA keys – Using low- and high-pass filters to ensure to get only the sounds that emanate from the PC while the CPU is decrypting data 13

  14. Side-channel security today • As a research area took off in the 90’s • Many successful attacks published on various platforms and real products e.g. KeeLoq [EK+08], CryptoMemory [BG+12], (numerous) contactless cards • A good business model for security evaluation labs e.g. Riscure and Brightsight 14

  15. Concepts of side-channel leakage Based on (non-intentional) • physical information Often, optimizations enable • leakages Cache: faster memory access o Fixed computation patterns o (rounds) Square vs multiply (for RSA) o 15

  16. Side-Channel Leakage • Physical attacks ≠ Cryptanalysis (gray box, physics) vs (black box, math) • Does not tackle the algorithm's mathematical security Input Output Leakage • Leakages: Timing, Power, EM, Light, Sound, Temperature • Observe physical observances in the device's vicinity and use additional information to perform the attack • Unintentional signals are used to reconstruct data 16

  17. Attack categories • Side-channel attacks – use some physical (analog) characteristic and assume access to it • Faults – use abnormal conditions causing malfunctions in the system e.g. voltage, clock, temperature, light • Micro-probing – accessing the chip surface directly in order to observe, learn and manipulate the device • Reverse engineering – using side-channel analysis to understand inner workings of a system (used on 3060 locking system of Simons Voss) 17

  18. Taxonomy of Implementation Attacks • Invasive versus non-invasive – Invasive aka expensive: the strongest type e.g. bus probing – Semi-invasive: the device is de-packaged but no contact to the chip e.g. optical attacks that read out memory cells (or faults/glitches by voltage, power supply, clock, EM, etc.) – Non-invasive aka low-cost: power/EM measurements – Non-invasive: data remanence in memories – cooling down is increasing the retention time • Side-channel attacks: passive and non-invasive 18

  19. Attackers models • � Simple � attacks: one or a few measurements - visual inspection • Differential attacks: multiple measurements – Use of statistics, signal processing, etc. • Univariate vs multivariate • Combining two or more side-channels • Combining side-channel attack with theoretical cryptanalysis • Template attacks – strongest in 19

  20. Devices under attack 20

  21. Measurement setup for power analysis 21

  22. Simple Power Analysis (SPA) 22

  23. Simple Power Analysis (SPA) • Based on one or a few measurements • Mostly discovery of data-(in)dependent but instruction- dependent properties e.g. – Symmetric: • Number of rounds (resp. key length) • Memory accesses (usually higher power consumption) – Asymmetric: • The key (if badly implemented, e.g. RSA / ECC) • Key length • Implementation details: for example RSA w/wo CRT • Search for repetitive patterns 23

  24. Insecure RSA implementation RSA modular exponentiation Loop Init In: message m,key e(l bits) Output: m e mod n j < 0 A = 1 for j = l – 1 to 0 Return A A = A 2 A = A 2 mod n /* square */ if (bit j of k) is 1 then bit j of k = 1? A = A x m mod n /* multiply */ Return A A = A x m Side-Channel j = j - 1 24

  25. Simple Power Analysis (RSA) • What is the private RSA exponent? [courtesy: C. Clavier] 25

  26. Simple Power Analysis (RSA) [courtesy: C. Clavier] 26

  27. Differential Power Analysis (DPA) 27

  28. DPA summary • Attack has 2 parts: – 'Cryptanalysis': target a sensitive intermediate result for which exhaustive key search is feasible – Engineering, statistics: provide access to an oracle that verifies sub-key hypotheses using power traces • Working principle: – Acquisition part: collect a set of traces with varying inputs – Select sensitive intermediate variable – For each key hypothesis: • Compute hypothetical values of the sensitive variable, sort curves into subset • Compute difference between the subsets • Intuition: – wrong key guesses -> no correlation P vs model, no �� peak � – correct key guess -> good correlation P vs model 28

  29. power trace correct key 2 nd best key Institute for Computing and Information Sciences 64 keys Radboud University Nijmegen, The Netherlands * B.Ege@cs.ru.nl 8 www.cs.ru.nl/B.Ege

  30. Breaking Ed25519 in WolfSSL with N. Samwel et al. 30

  31. Ed25519 facts • Instance of EdDSA, which was proposed to “fix the unnecessary requirements on randomness" in ECDSA • Does not depend on a “good" source of randomness, but instead derives a secret deterministically (hashing the msg and a long- term auxiliary key) • Widely adopted by OpenSSH, Tor, Signal, WolfSSL etc.

  32. EdDSA signature generation

  33. SHA-512 construction

  34. SHA-512 message schedule

  35. The attack

  36. Setup

  37. A countermeasure

  38. Template Attacks • Combination of statistical modeling and power-analysis attacks • Similar ideas are used in detection and estimation theory • Template attacks consist of two stages: – Template-Building Phase (profiling the unprotected device to create the templates) – Template-Matching Phase (use the templates for secret data recovery)

  39. Recent ideas: Deep learning in SCA • Machine learning for profiling introduced a while ago • Recent ideas use deep learning to: – build a profiling model for each possible value of the targeted sensitive variable during the training phase and, during the attack phase these models are used to output the most likely key – deal with misalignment countermeasures using CNNs together with Data Augmentation techniques

  40. At Attacking ECC CC si signatur ures s throug ugh Deep p le learning wi with L. L. We Weissbart an and d S. Pi Pice cek

  41. EdDSA signature generation

  42. Setup - Pinata board: ARM Cortex-M4F core running at 168 MHz - power side-channel - Ed25519 implement. from WolfSSL 3.10.2. - sampling frequency of 1.025 GHz

  43. DL part • ECC scalar multiplication is using a window- based method with radix-16 • Dataset: 6400 traces divided in 80/20 ratio for profiling/attacking groups • 1000 samples (features) recorded for each trace • 16 labels (value-based model)

  44. CNN • VGG-16 architecture was used and ReLU

  45. Results

  46. Results CNN epochs epochs L. Weissbart, S. Picek and L. Batina. One trace is all it takes: Machine Learning-based Side-channel Attack on EdDSA , to appear at SPACE 2019.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Research A (IMC031) Lecture I: Intro Lejla Batina, lejla@cs.ru.nl Peter Schwabe,

Research A (IMC031) Lecture I: Intro Lejla Batina, lejla@cs.ru.nl Peter Schwabe,

Research A (IMC031) Lecture I: Intro Lejla Batina, lejla@cs.ru.nl Peter Schwabe, peter@cryptojedi.org HG 02.059 ICIS, DS group RU Nijmegen Course objectives Introduction to doing research practice oriented you will work on

266 views • 24 slides
Complete addition formulas for prime order elliptic curves Joost Renes 1 Craig Costello 2 Lejla

Complete addition formulas for prime order elliptic curves Joost Renes 1 Craig Costello 2 Lejla

Complete addition formulas for prime order elliptic curves Joost Renes 1 Craig Costello 2 Lejla Batina 1 1 Radboud University, Digital Security, Nijmegen, The Netherlands j.renes,lejla@cs.ru.nl 2 Microsoft Research, Redmond, USA

481 views • 27 slides
Research A Lecture 2: Elements of a research project Lejla

Research A Lecture 2: Elements of a research project Lejla

Research A Lecture 2: Elements of a research project Lejla Batina and Peter Schwabe Slides credit: James Mc Kinna Outline Admin and status Your research project Proposal writing

1.06k views • 50 slides
Friet: An Authenticated Encryption Scheme with Built-in Fault Detection Thierry Simon 1,2 Lejla

Friet: An Authenticated Encryption Scheme with Built-in Fault Detection Thierry Simon 1,2 Lejla

Friet: An Authenticated Encryption Scheme with Built-in Fault Detection Thierry Simon 1,2 Lejla Batina 1 Joan Daemen 1 Vincent Grosso 1,3 Pedro Maat Costa Massolino 1 Kostas Papagiannopoulos 1,4 Francesco Regazzoni 5 Niels Samwel 1 1 Radboud

543 views • 28 slides
strategies for successful fault injection Rafael Boix Carpi 1 , Stjepan Picek 2,3 , Lejla Batina 2

strategies for successful fault injection Rafael Boix Carpi 1 , Stjepan Picek 2,3 , Lejla Batina 2

Glitch it if you can: parameter search strategies for successful fault injection Rafael Boix Carpi 1 , Stjepan Picek 2,3 , Lejla Batina 2 , Federico Menarini 1 , Domagoj Jakobovic 3 and Marin Golub 3 1 Riscure BV, The Netherlands 2 Radboud

711 views • 33 slides
The Chip, Mia and the Table Lejla Batina March 4, 2020 Institute for Computing and Information

The Chip, Mia and the Table Lejla Batina March 4, 2020 Institute for Computing and Information

The Chip, Mia and the Table Lejla Batina March 4, 2020 Institute for Computing and Information Sciences Radboud University High-Tech Women in Science and Technology March 4, 2020, Darmstadt 1 The Chip, Mia and the Table 2 Opening So,

884 views • 65 slides
How to write a paper Lejla Batina and Peter Schwabe Radboud University Nijmegen, The Netherlands

How to write a paper Lejla Batina and Peter Schwabe Radboud University Nijmegen, The Netherlands

How to write a paper Lejla Batina and Peter Schwabe Radboud University Nijmegen, The Netherlands November 13, 2013 Lecture Research A Requirements for the course Deadlines Submission of the full paper (first version): December 10, 2013

1.03k views • 65 slides
Speeding up GPU-based password cracking SHARCS 2012 Martijn Sprengers 1 , 2 Lejla Batina 2 , 3

Speeding up GPU-based password cracking SHARCS 2012 Martijn Sprengers 1 , 2 Lejla Batina 2 , 3

Speeding up GPU-based password cracking SHARCS 2012 Martijn Sprengers 1 , 2 Lejla Batina 2 , 3 Sprengers.Martijn@kpmg.nl KPMG IT Advisory 1 Radboud University Nijmegen 2 K.U. Leuven 3 March 17-18, 2012 Introduction Background Research Results

389 views • 34 slides
Complete addition formulas for prime order elliptic curves Joost Renes 1 Craig Costello 2 Lejla

Complete addition formulas for prime order elliptic curves Joost Renes 1 Craig Costello 2 Lejla

Complete addition formulas for prime order elliptic curves Joost Renes 1 Craig Costello 2 Lejla Batina 1 j.renes@cs.ru.nl 1 Radboud University, Nijmegen, The Netherlands 2 Microsoft Research, Redmond, USA 16 February 2016 16 February 2016 1 /

642 views • 62 slides
Hardware Security Organisational stuff Digital Security Radboud University Nijmegen 1 Other

Hardware Security Organisational stuff Digital Security Radboud University Nijmegen 1 Other

Hardware Security Organisational stuff Digital Security Radboud University Nijmegen 1 Other faces youll see Lejla Batina lectures on side-channels Anna Guinet &amp; Niels Samwel JavaCard project &amp; side-channel lab 2 This course:

424 views • 9 slides
Common Cultural Heritage of South East Europe from diversity to the understanding of its common

Common Cultural Heritage of South East Europe from diversity to the understanding of its common

Common Cultural Heritage of South East Europe from diversity to the understanding of its common aspect Lejla Hadzic, Cultural Heritage without Borders HELP ME IDENTIFY THE ORIGIN OF THESE PHOTOS, WHERE ARE THEY TAKEN? Damage to cultural

126 views • 12 slides
Online Template Attack on ECDSA: Extracting Keys Via The Other Side By: Niels Roelofs, Niels

Online Template Attack on ECDSA: Extracting Keys Via The Other Side By: Niels Roelofs, Niels

Online Template Attack on ECDSA: Extracting Keys Via The Other Side By: Niels Roelofs, Niels Samwel, Lejla Batina and Joan Daemen Africacrypt Conference 2020 July 2020 Side Channel Attack Introduction A side-channel is any unintentional

375 views • 36 slides
CSE 127: I ntroduction to Security Lecture 16: Side Channels and Constant-Time Code Nadia

CSE 127: I ntroduction to Security Lecture 16: Side Channels and Constant-Time Code Nadia

CSE 127: I ntroduction to Security Lecture 16: Side Channels and Constant-Time Code Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Dan Boneh, Stefan Savage Reminder: Side-channel attacks You saw before how timing

1.37k views • 81 slides
Social Engineering Fundamentals Exploiting the Human Bugs Anthony C. Zboralski

Social Engineering Fundamentals Exploiting the Human Bugs Anthony C. Zboralski

Social Engineering Fundamentals Exploiting the Human Bugs Anthony C. Zboralski &lt;z@bellua.com&gt; Social Engineering ... the social engineer is able to take advantage of people to obtain information with or without the use of

653 views • 18 slides
Statistical Machine Translation George Foster George Foster Statistical Machine Translation A

Statistical Machine Translation George Foster George Foster Statistical Machine Translation A

Statistical Machine Translation George Foster George Foster Statistical Machine Translation A Brief History of MT Origins (1949): WW II codebreaking success suggests statistical approach to MT George Foster Statistical Machine Translation A

840 views • 54 slides
Dynamically shaping the reordering search space of phrase-based SMT Arianna Bisazza &amp;

Dynamically shaping the reordering search space of phrase-based SMT Arianna Bisazza &amp;

Dynamically shaping the reordering search space of phrase-based SMT Arianna Bisazza &amp; Marcello Federico Phrase-based SMT No sentence structure, can only model local dependencies Wrt

644 views • 43 slides
Domestic Robots a case study on security in ubiquitous computing Thomas Knell Ubiquitous

Domestic Robots a case study on security in ubiquitous computing Thomas Knell Ubiquitous

Domestic Robots a case study on security in ubiquitous computing Thomas Knell Ubiquitous Computing Seminar 15.4.2014 Defining Robot There exists no universally accepted definition of a robot Any automatically operated machine that replaces

866 views • 53 slides
Interest Point Detectors &amp; RANSAC Instructor - Simon Lucey 16-423 - Designing Computer

Interest Point Detectors &amp; RANSAC Instructor - Simon Lucey 16-423 - Designing Computer

Interest Point Detectors &amp; RANSAC Instructor - Simon Lucey 16-423 - Designing Computer Vision Apps Today Image Gradients. Interest Point Detectors Matching Regions. RANSAC. I I ( x, y ) I ( x + 1 , y + 1) Simoncelli

1.66k views • 60 slides
Address Transla+on Main Points Address Transla+on Concept

Address Transla+on Main Points Address Transla+on Concept

Address Transla+on Main Points Address Transla+on Concept How do we convert a virtual address to a physical address? Flexible Address Transla+on

1.04k views • 60 slides
Memory: Paging Summer 2016 Cornell University Today An allocation and protection mechanism

Memory: Paging Summer 2016 Cornell University Today An allocation and protection mechanism

CS 4410 Operating Systems Memory: Paging Summer 2016 Cornell University Today An allocation and protection mechanism that is used on most operating systems. 2 Paging Allocation and protection scheme. Processes get non-contiguous

533 views • 21 slides
ADDRESS TRANSLATION AND TLB Mahdi Nazm Bojnordi Assistant Professor School of Computing

ADDRESS TRANSLATION AND TLB Mahdi Nazm Bojnordi Assistant Professor School of Computing

ADDRESS TRANSLATION AND TLB Mahdi Nazm Bojnordi Assistant Professor School of Computing University of Utah CS/ECE 6810: Computer Architecture Overview Announcement Homework 4 submission deadline: Mar. 27 th This lecture Virtual

1.37k views • 17 slides
Operating Systems Operating Systems CMPSC 473 CMPSC 473 Paging Paging March 6, 2008 - Lecture

Operating Systems Operating Systems CMPSC 473 CMPSC 473 Paging Paging March 6, 2008 - Lecture

Operating Systems Operating Systems CMPSC 473 CMPSC 473 Paging Paging March 6, 2008 - Lecture 15 15 March 6, 2008 - Lecture Instructor: Trent Jaeger Instructor: Trent Jaeger Last class: Memory Management Today: Paging

418 views • 31 slides
Chapter 9: Memory Management Background Swapping Contiguous Allocation Paging

Chapter 9: Memory Management Background Swapping Contiguous Allocation Paging

Chapter 9: Memory Management Background Swapping Contiguous Allocation Paging Segmentation Segmentation with Paging Operating System Concepts 9.1 Silberschatz, Galvin and Gagne 2002 Background Program must be

1.09k views • 54 slides
Memory Virtualization: Address Spaces Prof. Patrick G. Bridges 1 University of New Mexico

Memory Virtualization: Address Spaces Prof. Patrick G. Bridges 1 University of New Mexico

University of New Mexico Memory Virtualization: Address Spaces Prof. Patrick G. Bridges 1 University of New Mexico Memory Virtualization What is memory virtualization ? OS virtualizes its physical memory. OS provides an illusion

688 views • 9 slides

More recommend