side channel plaintext recovery attacks on leakage
play

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient - PowerPoint PPT Presentation

Jun 02, 2023 •44 likes •284 views

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017 Content Differential power analysis for key recovery Re-keying

  1. Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017

  2. Content Differential power analysis for key recovery Re-keying countermeasure: few data inputs Summary: Re-keying induces DPA that allows to recover constant plaintexts Streaming mode: first-order DPA Block mode: profiled second-order DPA Multi-party communication, memory encryption Particularly critical for long-term keys 30. March 2017 Thomas Unterluggauer, Graz University of Technology 2

  3. Motivation K Symmetric cryptography, e.g., block cipher E Key K used for multiple p i , c i E p i c i Differential Power Analysis (DPA) n encryptions: E K ( p i ) ℓ Observe power consumption Statistical analysis reveals K 30. March 2017 Thomas Unterluggauer, Graz University of Technology 3

  4. Motivation k i Protect implementation (masking) Change key frequently (re-keying) E p i c i Reduce input data complexity Leakage-resilient encryption ℓ Protects the key i Plaintext? 30. March 2017 Thomas Unterluggauer, Graz University of Technology 4

  5. Leakage-Resilient Encryption Extends re-keying to messages of arbitrary length Secure (leak-free) initialization Derive session key k i from master key K Security proof: Assumption: bounded side-channel leakage of the used primitive Scheme’s total leakage on the key is bounded 30. March 2017 Thomas Unterluggauer, Graz University of Technology 5

  6. Leakage-Resilient Streaming Mode [SPY + 10] n C A C A g k 0 E E k 1 k 2 … K C B C B E y 0 E y 1 p 0 c 0 p 1 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 6

  7. Leakage-Resilient Block Mode [TS15] n C A C A g k 0 E k 1 E k 2 … K p 0 p 1 E E c 0 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 7

  8. DPA on Leakage-Resilient Encryption 30. March 2017 Thomas Unterluggauer, Graz University of Technology 8

  9. DPA on Streaming Mode (1) n C A C A g k 0 E k 1 E k 2 … K C B C B E y 0 E y 1 p 0 c 0 p 1 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 9

  10. DPA on Streaming Mode (2) Encryption of constant p 0 with different keys k 0 , k ′ 0 , k ′′ 0 Leakage model for y 0 = c 0 ⊕ p 0 , e.g., HW Compute leakage for all possible values of p 0 Statistical distinguisher to get correct p 0 C B p 0 y 0 E k 0 c 0 30. March 2017 Thomas Unterluggauer, Graz University of Technology 10

  11. DPA on Streaming Mode (3) Standard DPA on XOR Applies to all stream ciphers Key stream always changes: pad must not be reused Encryption of the same plaintext... 30. March 2017 Thomas Unterluggauer, Graz University of Technology 11

  12. DPA on Streaming Mode: Evaluation Implementation of LR streaming mode Single AES core with one round per cycle Multiplexing: pad computation and key update Apply 128-bit pad to plaintext in parallel Sakura G board Spartan 6 LX75 FPGA @ 24 MHz Hardware trigger LeCroy WP725Zi @ 250 MS Correlation with byte-wise hypotheses 30. March 2017 Thomas Unterluggauer, Graz University of Technology 12

  13. DPA on Streaming Mode: Evaluation 0.15 Correlation 0.1 0.05 0 10 , 000 20 , 000 30 , 000 40 , 000 Number of Traces 30. March 2017 Thomas Unterluggauer, Graz University of Technology 13

  14. DPA on Block Mode (1) n C A C A g k 0 E k 1 E k 2 … K p 0 p 1 E E c 0 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 14

  15. DPA on Block Mode (2) Encryption of constant p 0 with different keys k 0 , k ′ 0 , k ′′ 0 Block cipher: no simple leakage model using p 0 Unknown Plaintext Template Attacks [HTM09] Constant key and varying, unknown plaintext Idea: switch roles of key and plaintext p 0 E k 0 c 0 30. March 2017 Thomas Unterluggauer, Graz University of Technology 15

  16. DPA on Block Mode (3) Profiling phase: templates for k 0 , 0 and v 0 Attack phase: Probabilities for k 0 , 0 and v 0 Joint probability of k 0 , 0 and v 0 → p 0 , 0 Many different keys to get unique p 0 , 0 k 0,0 p 0 E v 0 k 0 S p 0,0 … c 0 30. March 2017 Thomas Unterluggauer, Graz University of Technology 16

  17. DPA on Block Mode: Evaluation Implementation of LR block mode AES: Byte-oriented C Implementation (AVR-Crypto-Lib) ChipWhisperer-Lite Atmel XMEGA128D4-U @ 7 . 4 MHz Sampling on board 29 . 5 MS Template building using 30 000 traces Hamming weight of a byte (key / sbox) Multivariate Gaussian templates (50 POI) 30. March 2017 Thomas Unterluggauer, Graz University of Technology 17

  18. DPA on Block Mode: Evaluation · 10 − 4 3 S-box Key 2 Variance 1 0 0 500 1 , 000 1 , 500 2 , 000 2 , 500 3 , 000 Sample 30. March 2017 Thomas Unterluggauer, Graz University of Technology 18

  19. DPA on Block Mode: Evaluation 1 0 . 8 Probability 0 . 6 0 . 4 0 . 2 0 0 1 , 000 2 , 000 3 , 000 4 , 000 5 , 000 Number of Traces 30. March 2017 Thomas Unterluggauer, Graz University of Technology 19

  20. Applications Leakage rises with the amount of processed data Mixing constant with varying data Key vs. plaintext leakage Communication protocols SSL: fresh session key Download static file from, e.g., webserver LR encryption: transmission errors Constrained resources: re-encryption Key wrapping insufficient 30. March 2017 Thomas Unterluggauer, Graz University of Technology 20

  21. Application: Memory Encryption RAM encryption: fresh key on startup, e.g., Intel SGX Critical if long-term key is loaded into RAM Plaintext recovery = key recovery Storage with LR encryption: Read-modify-write operations Key update when a part changes E.g., 1 byte in 128-bit block RAM encryption using counter mode: Pad computed from address and block counter Key changes on every copy and write-back 30. March 2017 Thomas Unterluggauer, Graz University of Technology 21

  22. Conclusion Security of re-keying in LR encryption Protects the key from SCA Vulnerability: re-encryption of constant plaintexts 1st order DPA on stream cipher 2nd order template attack on block mode Classical setting: mixing constant with varying data Relevance: memory encryption and multi-party communication Use masking in these applications 30. March 2017 Thomas Unterluggauer, Graz University of Technology 22

  23. Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017

  24. References [HTM09] Neil Hanley, Michael Tunstall, and William P . Marnane. Unknown plaintext template attacks. In WISA 2009 , pages 148–162, 2009. [SPY + 10] Franc ¸ois-Xavier Standaert, Olivier Pereira, Yu Yu, Jean-Jacques Quisquater, Moti Yung, and Elisabeth Oswald. Leakage resilient cryptography in practice. In Towards Hardware-Intrinsic Security – Foundations and Practice , pages 99–134. 2010. [TS15] Mostafa M. I. Taha and Patrick Schaumont. Key updating for leakage resiliency with application to AES modes of operation. IEEE Trans. Information Forensics and Security , 10(3):519–528, 2015. 30. March 2017 Thomas Unterluggauer, Graz University of Technology 24

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com MCrypt Seminar Aug. 11th 2014 Outline 1 Introduction 2 Modeling side-channel leakage 3 Achieving provable security against SCA

1.62k views • 92 slides
Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World Crypto & Privacy ibenik , Croatia Outline Why physical attacks matter Implementation attacks and power analysis Leakage Detection

972 views • 52 slides
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Friday, September 11 th , 2015 Motivation Physical Attacks & Countermeasures input output input output Timing, Power, EM,

746 views • 47 slides
Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of

Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of

Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of Technology, The Netherlands May 6, 2018 Outline 1 Side-channels 2 Implementation Attacks 3 Side-channel Attacks 4 Fault Injection 2 / 48

824 views • 48 slides
Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 21

Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 21

I SAP Towards Side-channel Secure AE Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer ESC 2017 www.iaik.tugraz.at Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . .

476 views • 33 slides
Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 18

Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 18

I SAP Towards Side-channel Secure AE Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer FSE 2017 www.iaik.tugraz.at Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . .

635 views • 30 slides
Analyzing Side-Channel Leakage of RFID-Suitable Lightweight

Analyzing Side-Channel Leakage of RFID-Suitable Lightweight

Ins$tute for Applied Informa$on Processing and Communica$ons (IAIK) Analyzing Side-Channel Leakage of RFID-Suitable Lightweight ECC Hardware

244 views • 23 slides
Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet

Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet

Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet nadia.el-mrabet@emse.fr Mines St Etienne WRACH2019, April 17, 2019 Side channel attacks Physical counter measures Algorithmic counter measures Arithmetical

900 views • 36 slides
Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas

Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas

Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas ROCHE ANSSI (French Network and Information Security Agency) Thursday, December 3rd, 2013 Side Channel Attacks (SCA)| Linear Regression Attack

340 views • 32 slides
SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna Ors Yal cn Istanbul Technical University Department of Electronics and Communication Engineering Introduction A side-channel analysis attack

1.81k views • 99 slides
How to Compute under AC 0 Leakage without Secure Hardware Guy Rothblum Microsoft Research

How to Compute under AC 0 Leakage without Secure Hardware Guy Rothblum Microsoft Research

How to Compute under AC 0 Leakage without Secure Hardware Guy Rothblum Microsoft Research Silicon Valley Protecting Sensitive Computations from Leakage/Side-Channel Attacks Sensitive computations: Cryptographic Algorithms Secret Key

232 views • 20 slides
Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp,

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp,

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp, Adam Lackorzynski * , Jrmie Decouchant, Vincent Rahli, Francisco Rocha, and Paulo Esteves-Verssimo * Kernkonzept GmbH and University of

289 views • 28 slides
Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner

Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner

Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner Schindler Federal Office for Information Security (BSI), Bonn, Germany Leuven, September 13, 2012 Outline Introduction and motivation

799 views • 60 slides
Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks Pieter Robyns Motivation and introduction Motivation Information about performing EM side-channel attacks using SDR is quite scarce A few

758 views • 42 slides
HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume that secret keys are utilized by implementations of the algorithm in a secure fashion, with access only allowed through the I/Os Unfortunately,

363 views • 12 slides
Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal Holloway, University of London The 21st International Workshop on Fast Software Encryption March 4th, 2014 jacob.schuldt@rhul.ac.uk Agenda

684 views • 37 slides
Lecture 8: Cryptography Trust No One. 1 / 20 Cryptography: Basic Set Up Alice Bob Eve Goal:

Lecture 8: Cryptography Trust No One. 1 / 20 Cryptography: Basic Set Up Alice Bob Eve Goal:

Lecture 8: Cryptography Trust No One. 1 / 20 Cryptography: Basic Set Up Alice Bob Eve Goal: system st Bob gets the message, Eve doesnt 2 / 20 Cryptography: Basic Set Up Alice Bob Eve Goal: system st Bob gets the message, Eve

1.32k views • 90 slides
Powering a number (a bit easier than the recursive mystery question on the homework) Problem:

Powering a number (a bit easier than the recursive mystery question on the homework) Problem:

CS 3343 -- Spring 2006 Powering a number (a bit easier than the recursive mystery question on the homework) Problem: Compute a n , where n N . Naive algorithm: ( n ). Divide-and-conquer algorithm: (recursive squaring) a n/ 2 a n/ 2 if n

450 views • 3 slides
How to Write Fast Numerical Code Spring 2011 Lecture 8 Instructor: Markus Pschel TA: Georg

How to Write Fast Numerical Code Spring 2011 Lecture 8 Instructor: Markus Pschel TA: Georg

How to Write Fast Numerical Code Spring 2011 Lecture 8 Instructor: Markus Pschel TA: Georg Ofenbeck Reuse (Inherent Temporal Locality) Reuse of an algorithm: Number of operations Minimal number of Size of input + size of output data

465 views • 18 slides
Distributed Statistical Estimation of Matrix Products with Applications David Woodruff Qin Zhang

Distributed Statistical Estimation of Matrix Products with Applications David Woodruff Qin Zhang

Distributed Statistical Estimation of Matrix Products with Applications David Woodruff Qin Zhang CMU IUB PODS 2018 June, 2018 1-1 The Distributed Computation Model p -norms, heavy-hitters, . . . A { 0 , 1 } m n B { 0 , 1 } n m

668 views • 43 slides
Linked Data Indexing Methods: A Survey Martin Svoboda, Irena Mlnkov Charles University in

Linked Data Indexing Methods: A Survey Martin Svoboda, Irena Mlnkov Charles University in

Linked Data Indexing Methods: A Survey Martin Svoboda, Irena Mlnkov Charles University in Prague The Czech Republic 21st October 2011 SWWS@OTM, Crete, Greece Outline Introduction Dimensions Approaches Observations

248 views • 20 slides
Measurement Study of Low- Introduction bitrate Internet Video Streaming Many studies of

Measurement Study of Low- Introduction bitrate Internet Video Streaming Many studies of

Measurement Study of Low- Introduction bitrate Internet Video Streaming Many studies of Internet performance Paxson, Mogul, Caceres Dmitri Loguinov and Hayder Radha Across countries, many sites CS Dept at CUNY NY and EE/ECE at

75 views • 6 slides
T2Pair: Secure and Usable Pairing for Heterogeneous IoT Devices Xiaopeng Li, Qiang Zeng , Lannan

T2Pair: Secure and Usable Pairing for Heterogeneous IoT Devices Xiaopeng Li, Qiang Zeng , Lannan

T2Pair: Secure and Usable Pairing for Heterogeneous IoT Devices Xiaopeng Li, Qiang Zeng , Lannan Luo, Tongbo Luo CCS 2020 IoT Pairing Pairing is supposed to establish a secure communication channel IoT pairing is important for adding

345 views • 21 slides
Display Technology Images stolen from various locations on the web... Cathode Ray Tube 1

Display Technology Images stolen from various locations on the web... Cathode Ray Tube 1

Display Technology Images stolen from various locations on the web... Cathode Ray Tube 1 Cathode Ray Tube Raster Scanning 2 Electron Gun Beam Steering Coils 3 Color Shadow Mask and Aperture Grille 4 Liquid Crystal Displays Liquid

345 views • 33 slides

More recommend