
A Hacker's guide to reducing side-channel attack surfaces using deep-learning



  1. A Hacker’s guide to reducing side-channel attack surfaces using deep-learning. Google, @jmichel_p; Google, @elie, with the help of many Googlers and external collaborators. Security and Privacy Group

  2. Talk is based on some of the results of a joint research project with many collaborators on hardening hardware cryptography

  3. Work in progress: experimental results and code ahead

  4. Side-channel attacks are one of the most efficient ways to attack secure hardware

  5. A side-channel attack was used to recover the Trezor bitcoin wallet private key: https://jochen-hoenicke.de/crypto/trezor-power-analysis/

  6. Side-channel attacks are notoriously hard to debug and fix

  7. Can we create a debugger that accurately pinpoints the code vulnerable to side-channel attacks?

  8. Combine deep-learning and dynamic analysis to pinpoint origin of leakage

  9. AI? Really?

  10. Side Channel Attacks Leak Detector

  11. Today’s goal: use SCALD to debug tinyAES running on STM32F4

  12. Agenda: What are side channels?; AI based side-channel attacks; AI explainability; Finding implementation leakage origin with SCALD

  13. Code and slides: https://elie.net/scald

  14. Disclaimer: This talk purposely focuses on showcasing a high level overview of how to debug a cryptographic implementation end-to-end using SCALD. For technical details, see the paper.

  15. Part 1: What are side-channel attacks?

  16. A side-channel attack is an indirect measurement of a computation result via an auxiliary mechanism

  17. Real-world side-channel applications: extract crypto wallets; recover encryption keys; perform blind SQL injections; steal passwords and pins

  18. Diagram labels: Plaintext, Secret Key; Timing, Current, Heat, Electromagnetic emission

  19. AES rounds 1 to 10 are visible in lightly protected AES implementation power traces

  20. SCA in a nutshell: Encryption → Signal acquisition → Template attack → AES key!

  21. NewAE ChipWhisperer Pro + Picoscope 6000 for fast sampling rate is what we use for our research. This is not an ad :) it is a recommendation based on what we use

  22. Section 2: AI based side-channel attacks

  23. Side Channel Attacks Automated with Machine Learning

  24. How do SCAAML attacks work in practice?

  25. Check out last year's talk for an in-depth explanation: https://elie.net/scaaml

  26. Threat model: whitebox attack. Contrary to our previous work that focused on black box attacks, the traces used in this talk are truncated and collected synchronously to improve debugging quality. This is consistent with the white-box attack model used during chip development. Additionally, the model architecture is also optimized for debugging, not pure performance.

  27. SCAAML process overview: Encryption → Signal acquisition (ChipWhisperer) → Predictions using DNN → Combine DNN predictions → AES key!

  28. TinyAES has multiple attack points that can be targeted by SCAAML. Today we focus on sub_bytes_in. (Diagram labels: key, PT, sub_bytes_in, SBOX, sub_bytes_out)

  29. Probabilistic attack: ... ...

  30. Probabilistic attack: the predictions for each value are summed (column 1 + … + column n = sum).
      Column 1: Val 0: 0.10, Val 1: 0.02, Val 2: 0.01, ..., Val 42: 0.3, ..., Val 254: 0.02, Val 255: 0.05
      Column 2: Val 0: 0.08, Val 1: 0.04, Val 2: 0.05, ..., Val 42: 0.12, ..., Val 254: 0.03, Val 255: 0.10
      Sum*: Val 0: 4.4, Val 1: 5.3, Val 2: 3.2, ..., Val 42: 21.4, ..., Val 254: 2.9, Val 255: 4.2
      *sum uses log10 + ε

  31. Model architecture: hypertuned residual separated 1D convolution network. Custom residual block used

  32. Tensorboards - 1 model per byte

  33. Our side-channel optimized model architecture yields 16 high accuracy models in 5 epochs, as expected on this easy use-case

  34. How to find where TinyAES is leaking using our model?

  35. Section 3: Deep-learning explainability

  36. A classic vision model prediction: Boxer ... Tiger cat

  37. Why did the model predict a tiger cat and a boxer?

  38. Explainability to the rescue: Why did the model predict a tiger cat and dog? (Figure labels: Explainer, Boxer)

  39. Explainability to the rescue: Why did the model predict a tiger cat and dog? (Figure label: Tiger cat)

  40. Identifying errors and biases: Unmasking Clever Hans Predictors and Assessing What Machines Really Learn

  41. How do I use explainability and combine it with dynamic analysis to debug leakages?

  42. Section 4: Finding leakage origin with SCALD

  43. SCALD: Game plan. Diagram labels: Model; Traces + predictions; Explainer; Leakage map; Target emulator (cpu + firmware); Annotated code

  44. Many explainability techniques exist: Sanity Checks for Saliency Maps - Adebayo et al.

  45. Which explainability techniques work best?

  46. Leak maps: aggregate, filter, and normalize; reduce to key spikes

  47. Byte 0 leak map visualization for various techniques: SNR, Grad Cam++, Activation maps

  48. Benchmarking key explainability techniques. Diagram: leak map → mask top n points of the test traces → model → accuracy decrease

  49. Benchmark results: lower is better. Bar chart for Byte 0 and Byte 7 comparing Baseline, SNR, Activation maps and Grad Cam++; values shown: 100%, 95%, 95%, 57%, 58%, 58%, 44%. Preliminary results - 4 points masked

  50. Explainability techniques don’t work better than SNR and have very noisy leak maps

  51. Develop a technique tailored to leakage explanation

  52. Custom code? Really?

  53. SCALD leakage map (Byte 0, Byte 7): SCALD explainer combines partitioned and convolutive occlusion for speed and precise leakage pinpointing

  54. Benchmark results: lower is better. Bar chart for Byte 0 and Byte 7 comparing Baseline, SNR, Activation maps, Grad Cam++ and SCALD; values shown: 100%, 95%, 95%, 57%, 58%, 58%, 44%, 42%, 17%. Preliminary results - 4 points masked

  55. Byte 0 leak maps comparison (SNR, Gradcam, SCALD): the SCALD map is visibly cleaner

  56. SCALD custom explainability technique decreases accuracy the most and generates a low-noise leak map

  57. How do you go from the leakage map to code?

  58. From traces to CPU instructions. Diagram labels: state automaton, FW, CPU, Leakage map, Mapped ASM

  59. From CPU instructions to code. Diagram labels: Firmware, Debug symbol, Mapped ASM, Code mapper, Code leakage mapping

  60. Theory looks great but how hard is it in practice?

  61. Requirements:
      An explanation technique that has single point precision: we need to isolate the exact few points of the traces that cause most of the leakage, as some instructions only take one cycle or two (4 or 8 trace points).
      An emulator that has single cycle precision: we need to map each instruction to its exact cycle to be able to map them to the trace. A single error and the entire analysis is wrong, as all instructions will be shifted.
      A bit of computation: you need a 1M data point dataset, 16 models, 16 explanations, 1 full target execution and 1 mapping. With all our optimizations this requires a few days of computation that are parallelizable.

  62. This level of explainability and emulation precision seems out of reach

  63. Models targeting sub_bytes_in are expected to mostly exploit leakage in the AddRoundKey() function (STM32F4 - TinyAES)

  64. TinyAES aes.c line 213 is exactly the sub_bytes_in operation! SCALD perfectly identifies the main source of leakage. (Figure: SCALD analysis result output)

  65. SCALD is able to automatically isolate the exact code vulnerable to a given SCAAML side-channel attack
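
The masking benchmark from slides 48 to 56, as an added example that is not code from the talk or from SCALD: mask the top n points of each leak map in the test traces and measure how far a fixed model's accuracy drops (lower is better). The toy traces, the nearest-centroid model and both leak maps are constructed for illustration.

```python
# Constructed leak maps over a 10-point trace (one score per trace point).
GOOD_MAP = [0.0, 0.0, 0.0, 0.8, 0.0, 0.0, 0.0, 0.9, 0.0, 0.0]   # spikes on the leaky points
NOISY_MAP = [0.9, 0.8, 0.1, 0.2, 0.1, 0.1, 0.1, 0.2, 0.1, 0.1]  # spikes on irrelevant points


def make_traces():
    """Constructed toy data: 4 classes, 5 traces each; only points 3 and 7 carry the label."""
    data = []
    for label in range(4):
        for rep in range(5):
            trace = [((i * 7 + rep * 3) % 5) * 0.01 for i in range(10)]
            trace[3], trace[7] = float(label), 2.0 * label
            data.append((trace, label))
    return data


def centroids(data):
    """Toy stand-in for the trained model: the mean trace of each class."""
    groups = {}
    for trace, label in data:
        groups.setdefault(label, []).append(trace)
    return {label: [sum(col) / len(col) for col in zip(*traces)]
            for label, traces in groups.items()}


def predict(model, trace):
    """Class whose centroid is closest to the trace (squared distance)."""
    return min(model, key=lambda c: sum((a - b) ** 2 for a, b in zip(model[c], trace)))


def top_points(leak_map, n):
    """Indices of the n highest-scoring trace points."""
    return sorted(range(len(leak_map)), key=lambda i: leak_map[i], reverse=True)[:n]


def accuracy_after_masking(model, data, leak_map, n):
    """Zero the top n leak-map points in every trace, then score the unchanged model."""
    masked = set(top_points(leak_map, n))
    hits = sum(predict(model, [0.0 if i in masked else v for i, v in enumerate(trace)]) == label
               for trace, label in data)
    return hits / len(data)


if __name__ == "__main__":
    data = make_traces()
    model = centroids(data)  # toy setup: the same traces serve as training and test set
    for name, leak_map in (("good", GOOD_MAP), ("noisy", NOISY_MAP)):
        print(name, accuracy_after_masking(model, data, leak_map, 2))
```

A leak map that points at the real leakage drives accuracy down to chance once its top points are masked; a noisy map leaves accuracy unchanged.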
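
The trace-to-code mapping from slides 58 to 61, as an added example (not SCALD's own code): leak-map scores are assigned to the instruction executing at each trace point, then summed per source line through debug information. It assumes 4 trace points per cycle as slide 61 states; the addresses, cycle counts, file name and line numbers are hypothetical.

```python
from collections import defaultdict

POINTS_PER_CYCLE = 4  # slide 61: one cycle spans 4 trace points

# Constructed sample data: addresses, cycle counts, file and lines are hypothetical.
INSTRUCTIONS = [(0x100, 1), (0x102, 2), (0x104, 1), (0x106, 2)]  # (pc, cycles), execution order
DEBUG_LINES = {0x100: ("example.c", 10), 0x102: ("example.c", 11),
               0x104: ("example.c", 11), 0x106: ("example.c", 12)}
LEAK_MAP = [0.0] * 24  # one score per trace point (6 cycles x 4 points)
LEAK_MAP[5], LEAK_MAP[9], LEAK_MAP[13], LEAK_MAP[20] = 0.5, 0.25, 0.125, 0.0625


def point_owners(instructions, n_points, points_per_cycle=POINTS_PER_CYCLE):
    """For each trace point, the index of the instruction executing at that time."""
    owners = []
    for index, (_pc, cycles) in enumerate(instructions):
        owners.extend([index] * (cycles * points_per_cycle))
    if len(owners) != n_points:
        # One cycle of drift shifts every later instruction, so refuse to guess.
        raise ValueError(f"emulation covers {len(owners)} points, trace has {n_points}")
    return owners


def leakage_per_line(leak_map, instructions, debug_lines):
    """Sum leak-map scores per source line, highest first."""
    owners = point_owners(instructions, len(leak_map))
    totals = defaultdict(float)
    for point, score in enumerate(leak_map):
        pc = instructions[owners[point]][0]
        totals[debug_lines.get(pc, ("<no debug info>", 0))] += score
    return sorted(totals.items(), key=lambda item: item[1], reverse=True)


if __name__ == "__main__":
    for (path, line), score in leakage_per_line(LEAK_MAP, INSTRUCTIONS, DEBUG_LINES):
        print(f"{path}:{line}  {score:.4f}")
```

The length check is the practical form of the single-cycle-precision requirement: if the emulated cycle count and the trace length disagree, the mapping is rejected instead of producing shifted results.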
