using fault injection to weaken rsa public key
play

Using Fault Injection to weaken RSA public key verification SNE - PowerPoint PPT Presentation

Jan 05, 2023 •201 likes •553 views

Using Fault Injection to weaken RSA public key verification SNE Research Project 2 Ivo van der Elzen University of Amsterdam What is Fault Injection? Simply put: Introducing faults in a target to alter its intended behavior* *(N.

  1. Using Fault Injection to weaken RSA public key verification SNE Research Project 2 Ivo van der Elzen University of Amsterdam

  2. What is Fault Injection? Simply put: “Introducing faults in a target to alter its intended behavior”* *(N. Timmers)

  3. What is Fault Injection? Use physical means to induce logical faults into a target ● Electromagnetic ○ Temperature ○ Optical (laser) ○ Voltage ○ Etc. ○ Can cause faults in instructions, execution flow, data. ● Instruction corruption ○ ○ Instruction skipping Data corruption ○

  4. What can Fault Injection accomplish? Some examples: ● ○ Bypassing PIN/password verification Escalating privileges ○ ○ Bypassing Secure boot Extracting RSA private key, AES keys ○ ○ Firmware extraction Modifying data in memory ○ We’ll be using Voltage Fault Injection to modify data ● ● Some excellent references I recommend to check out Bellcore attack on RSA-CRT, Boneh et al. (1996) ○ ○ Attacking RSA public modulus by Seifert (2005) and Muir (2005) Low-voltage attacks on RSA and AES on ARM9 by Barenghi et al. (2009, 2010) ○ ○ Building fault models for microcontrollers, SNE RP2, Spruyt (2012) Proving the wild jungle jump, SNE RP2, Gratchoff (2015) ○ ○ Controlling PC on ARM using Fault Injection, Timmers et al. (2017)

  5. Attacking RSA’s public modulus An RSA public key consists of two values: ● Public exponent e ○ Public modulus N ○ N is (usually) a product of two large prime integers ● ● To get the private key, we need the factorization of N, but this is infeasible If we can modify N , we can make it easier to factor (call this modification N’) ● With the factorization of N’ , we can make a private key ( N’, e, d’) ● As long as the target uses the modified N, our private key will work ●

  6. Voltage glitching to induce faults in data When copying data, we introduce a glitch in ● the supply voltage ● The processor will execute an instruction incorrectly and introduce a fault: Source data: C3B5F25715A8D1 Example voltage glitch Destination data: C3B5F20055A8D1 We can use this to change values in an RSA public key!

  7. The Attack While N is being copied, induce a fault to obtain N’ ● We factor N’ and create a private key d’ ● ● Use d’ to sign a message, which verifies against N’ As long as the target has N’ in memory, the signature will be valid.

  8. Attack example - Secure Boot

  9. Research questions Is modifying the RSA public modulus using voltage fault injection a practical ● means of weakening RSA signature verification? ○ How can an RSA public modulus be modified in a way that is beneficial to an attacker? Which types of modifications reliably yield factorable moduli? ○ ○ Can we create valid private keys from these factorizations? Is it practical to apply this attack against RSA? ○

  10. Obtaining a fault model - Target Characterization Study the effects of V-FI on a memory copy ● Target device: ARM Cortex-M4F 32 bit ● ● Program target device to: Copy data between buffers ○ Set trigger when copy starts and unset when finished ○ Return result ○ Apply voltage glitch after trigger is set ● Riscure ● Record response and classify Normal response, green color ○ Correct glitched response, red color ○ No response, yellow color ○

  11. Experimental Setup Target running our test code ● (Riscure Piñata) ● Glitcher and glitch amplifier (Riscure Spider and GA) Computer ● Control glitcher over USB ○ Control target over UART ○ Record responses from target ○

  12. Experimental Setup (cont.) 1. PC oscilloscope 2. UART interface target <-> PC 3. Target (Piñata) 4. Glitch Amplifier 5. Glitcher (Spider)

  13. Prepare target device Prepare two buffers: ● Fill source with 0x55 ○ Fill destination with 0x44 ○ (Normally memory is initialized with 0x00. We use 0x44 to distinguish between faults) ○ Initialize unused registers to known pattern ● C4 F4 B4 D4 for r4, C5 F5 B5 D5 for r5 etc. ○ ● Copy source to destination Three variants, implemented in ARM assembly: ● Byte-per-byte using LDRB / STRB ○ ○ Word-per-word (4 bytes) using LDR / STR Multi-word (16 bytes) using LDM / STM ○ ● Output destination buffer over UART, bookended with 0xAA, 0xBB

  14. Loop timing measurement Voltage We determine the time each loop takes ● Byte-wise copy using the oscilloscope ● Select glitch timings to hit the middle third (focus on area highlighted in red) Time (μs) Voltage Voltage Multi-word copy Word-wise copy Time (μs) Time (μs)

  15. Glitch characterization, byte-wise, (229815 tests)

  16. Glitch characterization, word-wise, (230123 tests)

  17. Glitch characterization, multi-word-wise (231069 tests)

  18. Refine parameters -> Fix voltage at 2.5V Higher success rate ● Multi-word still difficult, but shows a ● clear area to focus on Further refinement is possible ●

  19. Fault Models observed - some examples Early Break: ● AA 5555...5555555555555554444444444444444 BB Skip: ● AA 5555...55555555555544555555555555555555 BB Zeroed: ● AA 5555...55550000555555555555555555555555 BB Registers : AA 5555...5555DABAFACA55555555C7555555555 BB ● Bitflips: ● AA 5555...5555545555555555555555...55 BB (01010100) Mixed: ● AA 5555...5555D7B7F7C755550000555555554444 BB Other: ● AA 5555...55554400230120AD2C0008152D000851... BB

  20. Determine Fault Model Out of 3.191.236 total tests, we observed 205.366 desired (red) glitches. These glitches are categorized and tallied as follows: Type of fault Percentage of total Early break 63,6% Single skip 7,8% Zeroed 2,2% Other registers 1,5% Flipped bits 1% Other/mixed 23.9%

  21. Most suitable for breaking RSA By far the most common is an early break scenario ● ● This is not the most suitable for breaking RSA Every byte set to 0 at the end adds 2 8 as a factor ○ ○ In this scenario, about half of the messages fail to decrypt properly RSA requires that message and n are coprime ○ ○ You could modify the message to make it work More suitable is a single skip ● It’s the second most common ○ It’s predictable ○ Less likely to add repeating factors ○

  22. But can we hit every single loop iteration? Yes, we can incur single skips in every single byte or word ● More difficult with multi-word ○ AA4455555555555555555555555555555555555555555555555555555555BB We can hit a single iteration with a probability ● AA5544555555555555555555555555555555555555555555555555555555BB AA5555445555555555555555555555555555555555555555555555555555BB AA5555554455555555555555555555555555555555555555555555555555BB of 95% within about 2,5 minutes. AA5555555544555555555555555555555555555555555555555555555555BB AA5555555555445555555555555555555555555555555555555555555555BB AA5555555555554455555555555555555555555555555555555555555555BB AA5555555555555544555555555555555555555555555555555555555555BB If a secure boot takes 10 seconds this scales up ● AA5555555555555555445555555555555555555555555555555555555555BB AA5555555555555555554455555555555555555555555555555555555555BB AA5555555555555555555544555555555555555555555555555555555555BB to once in every 5 hours or so. AA5555555555555555555555445555555555555555555555555555555555BB AA5555555555555555555555554455555555555555555555555555555555BB AA5555555555555555555555555544555555555555555555555555555555BB But we only need one hit for this attack to work! ● AA5555555555555555555555555555445555555555555555555555555555BB AA5555555555555555555555555555554455555555555555555555555555BB AA5555555555555555555555555555555544555555555555555555555555BB AA5555555555555555555555555555555555445555555555555555555555BB AA5555555555555555555555555555555555554455555555555555555555BB AA5555555555555555555555555555555555555544555555555555555555BB AA5555555555555555555555555555555555555555445555555555555555BB AA5555555555555555555555555555555555555555554455555555555555BB AA5555555555555555555555555555555555555555555544555555555555BB AA5555555555555555555555555555555555555555555555445555555555BB AA5555555555555555555555555555555555555555555555554455555555BB AA5555555555555555555555555555555555555555555555555544555555BB AA5555555555555555555555555555555555555555555555555555445555BB AA5555555555555555555555555555555555555555555555555555554455BB AA5555555555555555555555555555555555555555555555555555555544BB

  23. Factoring glitched moduli For “normal” RSA General Number Field Sieve is currently the most efficient ● We can expect multiple smaller factors, so there is a better solution ● ● ECM: Lenstra’s Elliptic Curve Method Can find factors up to 128 bits efficiently ● We used SAGE’s implementation of ECM ● SAGE: an open-source mathematics framework Source: Cloudflare

  24. Factorization testing method Based on most suitable fault model of skipping a single loop iteration. 1. Generate a random RSA key, selecting a size between 512 and 4096 bits 2. Apply glitch to each unit of data in the key separately 3. Attempt factoring of all resulting moduli using ECM Divide ECM threads over each core ○ Use a timeout to keep things manageable ○ 4. Repeat many times with a freshly generated key each time

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AVFI: Fault Injection for Autonomous Vehicles Fault Injection to Measure Resilience of AVs

AVFI: Fault Injection for Autonomous Vehicles Fault Injection to Measure Resilience of AVs

Saurabh Jha, Subho S. Banerjee , James Cyriac, Zbigniew T. Kalbarczyk and Ravishankar K. Iyer Computer Science, Electrical and Computer Engineering AVFI: Fault Injection for Autonomous Vehicles Fault Injection to Measure Resilience of AVs

215 views • 8 slides
Debunking Fault Injection Myths and Misconceptions Cristofaro Mune Niek Timmers

Debunking Fault Injection Myths and Misconceptions Cristofaro Mune Niek Timmers

Debunking Fault Injection Myths and Misconceptions Cristofaro Mune Niek Timmers c.mune@pulse-sec.com niek@twentytwosecurity.com @pulsoid @tieknimmers Todays agenda Introduction Fault injection, what is it? Fault injection,

920 views • 69 slides
Symbolic Fault Injection Reiner H ahnle &amp; Daniel Larsson KeY Symposium Speyer, June 2006

Symbolic Fault Injection Reiner H ahnle &amp; Daniel Larsson KeY Symposium Speyer, June 2006

Symbolic Fault Injection Reiner H ahnle &amp; Daniel Larsson KeY Symposium Speyer, June 2006 1/28 Symbolic Fault Injection An attempt to introduce Formal Methods into the area of Fault Injection Objective: Evaluate dependability of

691 views • 28 slides
Characterization of a Cortex-M4 microcontroller with backside optical fault injection Research

Characterization of a Cortex-M4 microcontroller with backside optical fault injection Research

Characterization of a Cortex-M4 microcontroller with backside optical fault injection Research Project 1 Jasper Hupkens Dominika Rusek 05.02.2019 1 Introduction to the world of fault injection Research project at Riscure Fault

678 views • 25 slides
Fault Injection Characterization on ARM Cortex-A9 George Thessalonikefs

Fault Injection Characterization on ARM Cortex-A9 George Thessalonikefs

ElectroMagnetic Fault Injection Characterization on ARM Cortex-A9 George Thessalonikefs George.Thessalonikefs@os3.nl University of Amsterdam February 5, 2014 Introduction Hardware Fault Injection Induce faults to hardware through side

517 views • 26 slides
Using Fault Injection to Turn Data Transfers into Arbitrary Execution Cristofaro Mune Niek

Using Fault Injection to Turn Data Transfers into Arbitrary Execution Cristofaro Mune Niek

Using Fault Injection to Turn Data Transfers into Arbitrary Execution Cristofaro Mune Niek Timmers c.mune@pulse-sec.com niek@twentytwosecurity.com @pulsoid @tieknimmers Todays agenda Introduction Fault Injection basics Fault

1.05k views • 56 slides
Escalating Privileges in Linux using Fault Injection Niek Timmers Cristofaro Mune

Escalating Privileges in Linux using Fault Injection Niek Timmers Cristofaro Mune

Escalating Privileges in Linux using Fault Injection Niek Timmers Cristofaro Mune timmers@riscure.com c.mune@pulse-sec.com ( @ tieknimmers) ( @ pulsoid) September 25, 2017 Fault Injection A definition... Introducing faults in a target

969 views • 47 slides
Jrn-Marc Schmidt joern-marc.schmidt@iaik.tugraz.at Fault Injection Plaintext Faulty

Jrn-Marc Schmidt joern-marc.schmidt@iaik.tugraz.at Fault Injection Plaintext Faulty

Jrn-Marc Schmidt joern-marc.schmidt@iaik.tugraz.at Fault Injection Plaintext Faulty Ciphertext But how to inject a fault? Fault: Injection Model Exploitation Non-invasive Device is not altered physical Semi-invasive

602 views • 32 slides
Fault Injection in Mixed-Signal Environment Using Behavioral Fault Modeling in Verilog-A Seyed

Fault Injection in Mixed-Signal Environment Using Behavioral Fault Modeling in Verilog-A Seyed

Sharif University of Technology Department of Computer Engineering Dependable System Lab [DSL] Fault Injection in Mixed-Signal Environment Using Behavioral Fault Modeling in Verilog-A Seyed Nematollah Ahmadian, Seyed Ghassem Miremadi

398 views • 17 slides
Embedded Processor Based Embedded Processor Based Fault Injection and SEU Fault Injection and

Embedded Processor Based Embedded Processor Based Fault Injection and SEU Fault Injection and

Embedded Processor Based Embedded Processor Based Fault Injection and SEU Fault Injection and SEU Emulation for FPGAs Emulation for FPGAs Bradley Dutton, Mustafa Ali, John Bradley Dutton, Mustafa Ali, John Sunwoo, and Charles Stroud Sunwoo,

305 views • 26 slides
Do Does Globalization Weaken Nat National Polic licy Autonomy an and Ha Harm Public Hea

Do Does Globalization Weaken Nat National Polic licy Autonomy an and Ha Harm Public Hea

Do Does Globalization Weaken Nat National Polic licy Autonomy an and Ha Harm Public Hea Health? Eviden ence fr from Tobacco ASHLEY M. FOX, PHD, MA ASHWIN RAMASWAMY, MD ACADEMYHEALTH, GLOBAL HEALTH SESSION 28 JUNE 2016, BOSTON, MA

331 views • 19 slides
A1 (Part 2): Injection SQL Injection SQL injection is prevalent SQL injection is impactful Why a

A1 (Part 2): Injection SQL Injection SQL injection is prevalent SQL injection is impactful Why a

A1 (Part 2): Injection SQL Injection SQL injection is prevalent SQL injection is impactful Why a password manager is a good idea! SQL injection is ironic SQL injection is funny Overviewtrated Account Summary Account: Account: &quot;SELECT

445 views • 32 slides
Optimizing Fault Injection in FMI Co-Simulation through Sensitivity Partitioning Mehrdad Moradi,

Optimizing Fault Injection in FMI Co-Simulation through Sensitivity Partitioning Mehrdad Moradi,

Optimizing Fault Injection in FMI Co-Simulation through Sensitivity Partitioning Mehrdad Moradi, Cludio Gomes, Bentley James Oakes and Joachim Denil Summersim 2019 July 22, 2019 Berlin, Germany Outline Introduction Context and

404 views • 28 slides
Robustness improvement of an SRAM cell against laser-induced fault injection A. Sarafianos a,b ,

Robustness improvement of an SRAM cell against laser-induced fault injection A. Sarafianos a,b ,

Robustness improvement of an SRAM cell against laser-induced fault injection A. Sarafianos a,b , C. Roscian b , J.M. Dutertre b , M. Lisart a , O. Gagliano a , V. Serradeil a , A. Tria b . a STMicroelectronics, Avenue Clestin Coq 13790 Rousset,

273 views • 14 slides
SoC, why should we care about Fault Injection Attacks ? Guillaume BOUFFARD (

SoC, why should we care about Fault Injection Attacks ? Guillaume BOUFFARD (

SoC, why should we care about Fault Injection Attacks ? Guillaume BOUFFARD ( guillaume.boufgard@ssi.gouv.fr ) David EL-BAZE ( david.elbaze@ssi.gouv.fr ) with the help of Thomas TROUCHKINE Agence nationale de la scurit des systmes

523 views • 28 slides
END-TO-END COMPARISON OF IR-LEVEL AND ASSEMBLY-LEVEL FAULT INJECTION Lucas Palazzi Co-authors:

END-TO-END COMPARISON OF IR-LEVEL AND ASSEMBLY-LEVEL FAULT INJECTION Lucas Palazzi Co-authors:

Practical Experience Report A TALE OF TWO INJECTORS: END-TO-END COMPARISON OF IR-LEVEL AND ASSEMBLY-LEVEL FAULT INJECTION Lucas Palazzi Co-authors: Guanpeng Li, Bo Fang, and Karthik Pattabiraman DEPART M ENT OF ELECT RIC AL AN D COM PUT ER

852 views • 56 slides
QUANTUM COMPUTING: SHORS FACTORING ALGORITHM A MATHEMATICAL DESCRIPTION OF THE FUNCTION OF

QUANTUM COMPUTING: SHORS FACTORING ALGORITHM A MATHEMATICAL DESCRIPTION OF THE FUNCTION OF

QUANTUM COMPUTING: SHORS FACTORING ALGORITHM A MATHEMATICAL DESCRIPTION OF THE FUNCTION OF SHORS ALGORITHM AND THE BASIC PRINCIPLES OF QUANTUM COMPUTATION A HIGH-LEVEL SUMMARY Eero Jskelinen Mathematics MOTIVATION Quantum

380 views • 16 slides
Finding Small Roots of Bivariate Integer Polynomial Equations Revisited Jean-S ebastien Coron

Finding Small Roots of Bivariate Integer Polynomial Equations Revisited Jean-S ebastien Coron

Finding Small Roots of Bivariate Integer Polynomial Equations Revisited Jean-S ebastien Coron Gemplus Card International Issy-les-Moulineaux, France Solving polynomial equations Let p ( x ) be a polynomial and N an RSA modulus. Solving

495 views • 27 slides
Non-unique factorizations in rings of integer-valued polynomials (Joint work with Sophie Frisch

Non-unique factorizations in rings of integer-valued polynomials (Joint work with Sophie Frisch

Non-unique factorizations in rings of integer-valued polynomials (Joint work with Sophie Frisch and Roswitha Rissner) Sarah Nakato Graz University of Technology Happy 60th birthday Prof. Blas Torrecillas Outline Preliminaries on Int( D ) and

293 views • 13 slides
Cryptanalysis of RSA Variants and Implicit Factorization Santanu Sarkar August 20, 2013 Outline

Cryptanalysis of RSA Variants and Implicit Factorization Santanu Sarkar August 20, 2013 Outline

Cryptanalysis of RSA Variants and Implicit Factorization Santanu Sarkar August 20, 2013 Outline of the Talk RSA Cryptosystem Lattice based Root Finding of Polynomials Common Prime RSA Dual RSA Prime Power RSA Implicit Factorization

773 views • 54 slides
Splines mod m Nealy Bowden Smith College July 24, 2014 Bowden Splines mod m Spline Basics 1

Splines mod m Nealy Bowden Smith College July 24, 2014 Bowden Splines mod m Spline Basics 1

Splines mod m Nealy Bowden Smith College July 24, 2014 Bowden Splines mod m Spline Basics 1 Special Properties (mod m ) 2 Characterizations and the Role of Primes 3 Further Research and New Ideas 4 Bowden Splines mod m Spline Basics

718 views • 32 slides
Number Theory By, B. R. Chandavarkar CSE Dept., NITK Surathkal Natural number : predecessor

Number Theory By, B. R. Chandavarkar CSE Dept., NITK Surathkal Natural number : predecessor

Basic Concepts in Number Theory By, B. R. Chandavarkar CSE Dept., NITK Surathkal Natural number : predecessor and successor. Example: 1, 2, 3, . Whole number : natural number with 0. A factor of number is an exact divisor of that

1.15k views • 79 slides
MatchaScript Like JavaScript, but better for you. Language Guru: Kimberly Hou - kjh2146

MatchaScript Like JavaScript, but better for you. Language Guru: Kimberly Hou - kjh2146

MatchaScript Like JavaScript, but better for you. Language Guru: Kimberly Hou - kjh2146 Systems Architect: Rebecca Mahany - rlm2175 Manager: Jorge Orbay - jao2154 Tester: Rachel Yang - ry2277 Overview on MatchaScript: motivations

517 views • 12 slides
Calculating A k using Fulmers Method Rasheen Alexander, Katie Huston, Thomas Le, Camera Whicker

Calculating A k using Fulmers Method Rasheen Alexander, Katie Huston, Thomas Le, Camera Whicker

Introduction Examples Proving why Fulmers Method works for A k Example of e At from A k Summary Calculating A k using Fulmers Method Rasheen Alexander, Katie Huston, Thomas Le, Camera Whicker July 12, 2013 Calculating A k using Fulmers

718 views • 61 slides

More recommend