A Formal Proof of Countermeasures against Fault Injection Attacks on CRT-RSA

Pablo Rauzy (rauzy@enst.fr, pablo.rauzy.name), Sylvain Guilley (sylvain.guilley@enst.fr, perso.enst.fr/~guilley)
Telecom ParisTech, LTCI / COMELEC / SEN
August 24, 2013, 9h45–10h15, PROOFS 2013 @ Santa Barbara
IACR ePrint 2013/506

Pablo Rauzy (Telecom ParisTech), Formal CRT-RSA Fault Attacks Analysis, PROOFS 2013, slide 1 / 31
Outline

RSA
  CRT-RSA
  The BellCoRe Attack
    How it works?
    BellCoRe attack refinement
Countermeasures
  Shamir Countermeasure
  Aumüller et al. Countermeasure
  Shortcomings
Formal Analysis
  CRT-RSA Computation
  Fault Injection
  Algorithm Description
  finja
Testing Attacks
  Study of an Unprotected CRT-RSA Computation
  Study of the Shamir Countermeasure
  Study of the Aumüller et al. Countermeasure
  Results
Conclusions and Perspectives
RSA
RSA (Rivest, Shamir, Adleman)

RSA [RSA78] is an algorithm for public key cryptography. It can be used as both an encryption and a signature algorithm. It works as follows (for simplicity we omit the padding operations):
◮ Let $m$ be the message, $(N, e)$ the public key, and $(N, d)$ the private key such that $d \cdot e \equiv 1 \bmod \varphi(N)$.
◮ The signature $S$ is computed by $S \equiv m^d \bmod N$.
◮ The signature can be verified by checking that $m \equiv S^e \bmod N$.
CRT-RSA
CRT (Chinese Remainder Theorem)

CRT-RSA [Koç94] is an optimization of the RSA computation which allows a fourfold speedup. It works as follows:
◮ Let $p$ and $q$ be the primes from the key generation ($N = p \cdot q$).
◮ These values are pre-computed (considered part of the private key):
  ◮ $d_p \doteq d \bmod (p - 1)$
  ◮ $d_q \doteq d \bmod (q - 1)$
  ◮ $i_q \doteq q^{-1} \bmod p$
◮ $S$ is then computed as follows:
  ◮ $S_p = m^{d_p} \bmod p$
  ◮ $S_q = m^{d_q} \bmod q$
  ◮ $S = S_q + q \cdot (i_q \cdot (S_p - S_q) \bmod p)$
The BellCoRe Attack
BellCoRe (Bell Communications Research)

The BellCoRe attack [BDL97] consists in revealing the secret primes $p$ and $q$ by faulting the computation. It is very powerful as it works even with very random faulting. It works as follows:
◮ The intermediate variable $S_p$ (resp. $S_q$) is faulted as $\widehat{S_p}$ (resp. $\widehat{S_q}$).
◮ The attacker thus gets an erroneous signature $\widehat{S}$.
◮ The attacker can recover $p$ (resp. $q$) as $\gcd(N, S - \widehat{S})$.
The BellCoRe Attack
How it works?

For every integer $x$, $\gcd(N, x)$ can only take 4 values:
◮ 1, if $N$ and $x$ are co-prime,
◮ $p$, if $x$ is a multiple of $p$,
◮ $q$, if $x$ is a multiple of $q$,
◮ $N$, if $x$ is a multiple of both $p$ and $q$, i.e., of $N$.

If $S_p$ is faulted (i.e., replaced by $\widehat{S_p} \neq S_p$):
◮ $S - \widehat{S} = q \cdot \big( (i_q \cdot (S_p - S_q) \bmod p) - (i_q \cdot (\widehat{S_p} - S_q) \bmod p) \big)$
⇒ $\gcd(N, S - \widehat{S}) = q$

If $S_q$ is faulted (i.e., replaced by $\widehat{S_q} \neq S_q$):
◮ $S - \widehat{S} \equiv (S_q - \widehat{S_q}) - (q \bmod p) \cdot i_q \cdot (S_q - \widehat{S_q}) \equiv 0 \bmod p$ (because $(q \bmod p) \cdot i_q \equiv 1 \bmod p$)
⇒ $\gcd(N, S - \widehat{S}) = p$
The BellCoRe Attack
BellCoRe attack refinement

This attack has been improved [JLQ99] so that it only needs the faulty signature to recover $p$ or $q$, by computing $\gcd(N, m - \widehat{S}^e)$.
◮ If $S_p$ is faulted, then most likely $\gcd(N, S - \widehat{S}) = q$,
◮ which means that we have $S \not\equiv \widehat{S} \bmod p$, thus $S^e \not\equiv \widehat{S}^e \bmod p$;
◮ and that we also have $S \equiv \widehat{S} \bmod q$, thus $S^e \equiv \widehat{S}^e \bmod q$.
⇒ As $S^e \equiv m \bmod N$, this proves the result.
A symmetrical reasoning can be done if the fault occurs during the computation of $S_q$.
Countermeasures

Several protections against the BellCoRe attacks have been proposed. Some of them are given below:
◮ Obvious countermeasures: no CRT, or with signature verification;
◮ Shamir [Sha99];
◮ Aumüller et al. [ABF+02];
◮ Vigilant, original [Vig08] and with some corrections by Coron et al. [CGM+10];
◮ Kim et al. [KKHH11].
Countermeasures
Shamir Countermeasure

◮ Introduces a small random number $r$, co-prime with $p$ and $q$.
◮ Carries out computations modulo $p' = p \cdot r$ and $q' = q \cdot r$.
⇒ Allows retrieval of the results by reduction modulo $p$ and modulo $q$.
⇒ Enables verification by reduction modulo $r$.
Countermeasures / Shamir Countermeasure
Algorithm

Input: Message $m$, key $(p, q, d, i_q)$, 32-bit random prime $r$
Output: Signature $m^d \bmod N$, or error if some fault injection is detected.

  $p' = p \cdot r$
  $d_p = d \bmod (p - 1) \cdot (r - 1)$
  $S'_p = m^{d_p} \bmod p'$
  $q' = q \cdot r$
  $d_q = d \bmod (q - 1) \cdot (r - 1)$
  $S'_q = m^{d_q} \bmod q'$
  $S_p = S'_p \bmod p$
  $S_q = S'_q \bmod q$
  $S = S_q + q \cdot (i_q \cdot (S_p - S_q) \bmod p)$
  if $S'_p \not\equiv S'_q \bmod r$ then
    return error
  else
    return $S$
  end
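The CRT-RSA computation, the BellCoRe derivation from the "How it works?" and refinement slides, and Shamir's algorithm above, worked through as an added Python example (not the slides' own material and not the authors' finja tool). It assumes a constructed textbook-sized key, a fault model that flips one bit of an intermediate value, and a fixed prime r = 65537 where the algorithm calls for a random 32-bit prime.

```python
from math import gcd

# Constructed textbook-sized key (N = 3233, e = 17, d = 2753); real
# keys are far larger, the arithmetic is identical.
P, Q, E, D = 61, 53, 17, 2753
N = P * Q

def crt_rsa(m, p, q, d, fault_p=None, fault_q=None):
    """Unprotected CRT-RSA signature S = m^d mod N. fault_p/fault_q
    (assumed fault model) are functions applied to S_p / S_q."""
    d_p, d_q = d % (p - 1), d % (q - 1)
    i_q = pow(q, -1, p)                        # i_q = q^-1 mod p
    s_p, s_q = pow(m, d_p, p), pow(m, d_q, q)
    s_p = fault_p(s_p) if fault_p else s_p     # faulted S_p, if any
    s_q = fault_q(s_q) if fault_q else s_q     # faulted S_q, if any
    return s_q + q * ((i_q * (s_p - s_q)) % p)

def bellcore(n, s, s_faulty):
    """gcd(N, S - S^) is q when S_p was faulted, p when S_q was."""
    return gcd(n, s - s_faulty)

def bellcore_refined(n, e, m, s_faulty):
    """[JLQ99] refinement: gcd(N, m - S^^e), no correct signature needed."""
    return gcd(n, m - pow(s_faulty, e, n))

def shamir_crt_rsa(m, p, q, d, r, fault_p=None, fault_q=None):
    """Shamir's countermeasure: compute modulo p*r and q*r, then check
    S'_p = S'_q mod r (both equal m^d mod r). None means fault detected."""
    d_p = d % ((p - 1) * (r - 1))
    d_q = d % ((q - 1) * (r - 1))
    s1_p, s1_q = pow(m, d_p, p * r), pow(m, d_q, q * r)
    s1_p = fault_p(s1_p) if fault_p else s1_p
    s1_q = fault_q(s1_q) if fault_q else s1_q
    s_p, s_q = s1_p % p, s1_q % q               # reduce back mod p, mod q
    s = s_q + q * ((pow(q, -1, p) * (s_p - s_q)) % p)
    if s1_p % r != s1_q % r:
        return None                             # error: fault detected
    return s

def flip_lsb(x):
    """Assumed fault model: a single bit flip of the intermediate value."""
    return x ^ 1

if __name__ == "__main__":
    m, r = 65, 65537   # r fixed here; the slides take a random 32-bit prime
    s = crt_rsa(m, P, Q, D)
    s_bad = crt_rsa(m, P, Q, D, fault_p=flip_lsb)
    print("recovered q:", bellcore(N, s, s_bad))
    print("Shamir on same fault:", shamir_crt_rsa(m, P, Q, D, r, fault_p=flip_lsb))
```

The redundancy check holds because $(r-1)$ divides both reduced exponents, so each half reduces to $m^d \bmod r$; a fault that changes either half modulo $r$ is caught before any signature leaves the function.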