Introduction to Physical Attacks Arnaud Tisserand CNRS, Lab-STICC 25th October 2018
Summary • Introduction • Side Channel Attacks • Fault Injection Attacks • Conclusion and References Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 2/24
Applications with Security Needs Applications : smart cards, computers, Internet, telecommunications, set-top boxes, data storage, RFID tags, WSN, smart grids. . . Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 3/24
Attacks attack Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 4/24
Attacks observation attack perturbation invasive Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 4/24
Attacks timing analysis power analysis EMR analysis observation attack perturbation fault injection invasive reverse engineering probing EMR = Electromagnetic radiation Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 4/24
Attacks timing analysis power analysis EMR analysis observation attack perturbation theoretical fault injection invasive reverse engineering probing EMR = Electromagnetic radiation Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 4/24
Attacks timing analysis power analysis EMR analysis observation attack perturbation theoretical fault injection invasive reverse engineering advanced algorithms probing optimized programming EMR = Electromagnetic radiation Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 4/24
Side Channel Attacks (SCAs) (1/2) Attack : attempt to find, without any knowledge about the secret: • the message (or parts of the message) • informations on the message • the secret (or parts of the secret) Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 5/24
Side Channel Attacks (SCAs) (1/2) Attack : attempt to find, without any knowledge about the secret: • the message (or parts of the message) • informations on the message • the secret (or parts of the secret) “Old style” side channel attacks : + good value clic clac bad value Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 5/24
Side Channel Attacks (SCAs) (2/2) E D E k ( M ) D k ( E k ( M )) = M M A B k k General principle: measure external parameter(s) on running device in order to deduce internal informations Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 6/24
Side Channel Attacks (SCAs) (2/2) E D E k ( M ) D k ( E k ( M )) = M M A B k k measure attack k , M ??? E General principle: measure external parameter(s) on running device in order to deduce internal informations Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 6/24
What Should be Measured? Answer : everything that can “enter” and/or “get out” in/from the device • power consumption • electromagnetic radiation • temperature • sound • computation time • number of cache misses • number and type of error messages • ... The measured parameters may provide informations on: • global behavior (temperature, power, sound...) • local behavior (EMR, # cache misses...) Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 7/24
Power Consumption Analysis General principle: 1. measure the current i ( t ) in the cryptosystem 2. use those measurements to “deduce” secret informations crypto. secret key = 962571. . . i ( t ) R V DD Crypto/server-dell traces Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 8/24
Differences & External Signature An algorithm : r = c 0 for i from 1 to n do if a i = 0 then r = r + c 1 else r = r × c 2 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 9/24
Differences & External Signature An algorithm has a current signature : r = c 0 for i from 1 to n do if a i = 0 then r = r + c 1 else r = r × c 2 I t 1 2 3 4 5 6 7 8 i I + I × a i 0 1 1 0 1 0 0 1 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 9/24
Differences & External Signature An algorithm has a current signature and a time signature: r = c 0 for i from 1 to n do if a i = 0 then r = r + c 1 else r = r × c 2 T t T + T × I t 1 2 3 4 5 6 7 8 i I + I × a i 0 1 1 0 1 0 0 1 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 9/24
Simple Power Analysis (SPA) Source: [2] Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 10/24
Simple Power Analysis (SPA) Source: [2] Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 10/24
SPA on ECC protocol level encryption signature etc [ k ] P curve level Scalar multiplication operation ADD ( P , Q ) DBL ( P ) for i from 0 to t − 1 do if k i = 1 then Q = ADD ( P , Q ) P = DBL ( P ) field level . . . x ± y x × y Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 11/24
SPA on ECC protocol level encryption signature etc [ k ] P curve level Scalar multiplication operation ADD ( P , Q ) DBL ( P ) for i from 0 to t − 1 do if k i = 1 then Q = ADD ( P , Q ) P = DBL ( P ) field level . . . x ± y x × y Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 11/24
SPA on ECC protocol level DBL DBL DBL DBL DBL DBL encryption signature etc [ k ] P curve level Scalar multiplication operation ADD ( P , Q ) DBL ( P ) for i from 0 to t − 1 do if k i = 1 then Q = ADD ( P , Q ) P = DBL ( P ) field level . . . x ± y x × y Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 11/24
SPA on ECC protocol level DBL DBL DBL ADD DBL ADD DBL DBL encryption signature etc [ k ] P curve level Scalar multiplication operation ADD ( P , Q ) DBL ( P ) for i from 0 to t − 1 do if k i = 1 then Q = ADD ( P , Q ) P = DBL ( P ) field level . . . x ± y x × y Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 11/24
SPA on ECC protocol level DBL DBL DBL ADD DBL ADD DBL DBL encryption signature etc 0 0 0 1 1 0 [ k ] P curve level Scalar multiplication operation ADD ( P , Q ) DBL ( P ) for i from 0 to t − 1 do if k i = 1 then Q = ADD ( P , Q ) P = DBL ( P ) • simple power analysis (& variants) field level . . . x ± y x × y Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 11/24
SPA on ECC protocol level DBL DBL DBL ADD DBL ADD DBL DBL encryption signature etc 0 0 0 1 1 0 [ k ] P curve level Scalar multiplication operation ADD ( P , Q ) DBL ( P ) for i from 0 to t − 1 do if k i = 1 then Q = ADD ( P , Q ) P = DBL ( P ) • simple power analysis (& variants) field level . . . x ± y x × y • differential power analysis (& variants) • horizontal/vertical/templates/. . . attacks Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 11/24
Limits of the SPA Example of behavior difference: (activity into a register) t 0000000000000000 0000000000000000 t + 1 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 12/24
Limits of the SPA Example of behavior difference: (activity into a register) t 0000000000000000 0000000000000000 t + 1 1111111111111111 0000000000000001 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 12/24
Limits of the SPA Example of behavior difference: (activity into a register) t 0000000000000000 0000000000000000 t + 1 1111111111111111 0000000000000001 Important : a small difference may be evaluated has a noise during the measurement traces cannot be distinguished Question : what can be done when differences are too small? Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 12/24
Limits of the SPA Example of behavior difference: (activity into a register) t 0000000000000000 0000000000000000 t + 1 1111111111111111 0000000000000001 Important : a small difference may be evaluated has a noise during the measurement traces cannot be distinguished Question : what can be done when differences are too small? Answer : use statistics over several traces Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 12/24
Differential Power Analysis (DPA) cryptosystem Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 13/24
Differential Power Analysis (DPA) cryptosystem internal state Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 13/24
Differential Power Analysis (DPA) cryptosystem internal state select bit b to attack b = 1 b = 0 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 13/24
Differential Power Analysis (DPA) cryptosystem implementation internal state select bit b to attack b = 1 b = 0 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 13/24
Differential Power Analysis (DPA) cryptosystem implementation internal state power model select bit b to attack b = 1 b = 0 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 13/24
Differential Power Analysis (DPA) cryptosystem implementation internal state power model select bit b to attack power( H b =1 ) b = 1 power( H b =0 ) b = 0 Arnaud Tisserand. CNRS – Lab-STICC. Introduction to Physical Attacks 13/24
Recommend
More recommend