Protecting Against Fault Injection Attacks: from CRT-RSA to all Asymmetric Cryptography
Pablo Rauzy (rauzy@enst.fr, pablo.rauzy.name) and Sylvain Guilley (guilley@enst.fr, perso.enst.fr/~guilley)
TELECOM ParisTech, CNRS LTCI / COMELEC / SEN
Séminaire SAS, March 19, 2015 @ Gardanne, France
Pablo Rauzy (Telecom ParisTech) DFA Countermeasures 2015-03-19 1 / 51
◮ RSA
◮ CRT-RSA
◮ The BellCoRe Attack
◮ Countermeasures
◮ Formal Analysis
◮ finja
◮ First Results
◮ High-Order Countermeasures
◮ Towards a Proved High-Order Countermeasure
◮ Countermeasures Classification
◮ The Essence of a Countermeasure
◮ Correcting Shamir's Countermeasure
◮ Simplifying Vigilant's Countermeasure
◮ Generating High-Order Countermeasures
◮ Second Results
◮ Integrity Verification
◮ Entanglement
◮ enredo
◮ Perspectives
RSA
RSA (Rivest, Shamir, Adleman)
Definition: RSA [RSA78] is an algorithm for public key cryptography. It can be used as both an encryption and a signature algorithm.
◮ Let $M$ be the message, $(N, e)$ the public key, and $(N, d)$ the private key, such that $d \cdot e \equiv 1 \pmod{\varphi(N)}$.
◮ The signature $S$ is computed as $S \equiv M^d \pmod N$.
◮ The signature is verified by checking that $M \equiv S^e \pmod N$.
CRT-RSA
CRT (Chinese Remainder Theorem)
Definition: CRT-RSA [Koç94] is an optimization of the RSA computation which allows a fourfold speedup.
◮ Let $p$ and $q$ be the primes from the key generation ($N = p \cdot q$).
◮ These values are pre-computed (considered part of the private key):
  ◮ $d_p \doteq d \bmod (p - 1)$
  ◮ $d_q \doteq d \bmod (q - 1)$
  ◮ $i_q \doteq q^{-1} \bmod p$
◮ $S$ is then computed as follows:
  ◮ $S_p = M^{d_p} \bmod p$
  ◮ $S_q = M^{d_q} \bmod q$
  ◮ $S = S_q + q \cdot \left( i_q \cdot (S_p - S_q) \bmod p \right)$ (recombination method of [Gar65]).
The BellCoRe Attack
BellCoRe (Bell Communications Research)
Definition: The BellCoRe attack [BDL97] consists in revealing the secret primes $p$ and $q$ by faulting the computation. It is very powerful as it works even with very random faulting.
◮ The intermediate variable $S_p$ (resp. $S_q$) is faulted as $\widehat{S_p}$ (resp. $\widehat{S_q}$).
◮ The attacker thus gets an erroneous signature $\widehat{S}$.
◮ The attacker can recover $q$ (resp. $p$) as $\gcd(N, S - \widehat{S})$: faulting the half computed modulo one prime leaves the result intact modulo the other prime, and that other prime is what the gcd isolates.
The BellCoRe Attack
Why does it Work?
◮ For all integers $x$, $\gcd(N, x)$ can only take 4 values:
  ◮ $1$, if $N$ and $x$ are co-prime,
  ◮ $p$, if $x$ is a multiple of $p$,
  ◮ $q$, if $x$ is a multiple of $q$,
  ◮ $N$, if $x$ is a multiple of both $p$ and $q$, i.e., of $N$.
◮ If $S_p$ is faulted (i.e., replaced by $\widehat{S_p} \neq S_p$):
  ◮ $S - \widehat{S} = q \cdot \left( \left( i_q \cdot (S_p - S_q) \bmod p \right) - \left( i_q \cdot (\widehat{S_p} - S_q) \bmod p \right) \right)$, which is a multiple of $q$ but not of $p$ (the bracket is $\equiv i_q \cdot (S_p - \widehat{S_p}) \not\equiv 0 \pmod p$)
  $\Rightarrow \gcd(N, S - \widehat{S}) = q$
◮ If $S_q$ is faulted (i.e., replaced by $\widehat{S_q} \neq S_q$):
  ◮ $S - \widehat{S} \equiv (S_q - \widehat{S_q}) - (q \bmod p) \cdot i_q \cdot (S_q - \widehat{S_q}) \equiv 0 \pmod p$ (because $(q \bmod p) \cdot i_q \equiv 1 \pmod p$), while $S - \widehat{S} \equiv S_q - \widehat{S_q} \not\equiv 0 \pmod q$
  $\Rightarrow \gcd(N, S - \widehat{S}) = p$
Countermeasures
Several protections against the BellCoRe attack have been proposed. Some of them are given below:
◮ Obvious countermeasures: no CRT, or CRT with signature verification;
◮ Shamir [Sha99];
◮ Aumüller et al. [ABF+02];
◮ Vigilant, original [Vig08] and with some corrections by Coron et al. [CGM+10];
◮ Rivain [Riv09];
◮ Blömer et al. [BOS03];
◮ Kim et al. [KKHH11];
◮ . . .
Formal Analysis
◮ The goal is to make sure countermeasures are trustworthy.
◮ We want to cover a very general attacker model.
◮ We want our proof to apply to any implementation that is a refinement of the abstract algorithm.
⇒ We want our tool to offer full fault coverage of the CRT-RSA algorithm, thereby keeping the proof valid even if the code is transformed (e.g., optimized, compiled, partitioned in software/hardware, or equipped with dedicated countermeasures).
Formal Analysis
Attacker Model
◮ An attacker can request a CRT-RSA computation.
◮ During the computation, the attacker can fault any intermediate value.
◮ A faulted value can be zero or random.
◮ The attacker can read the final result of the computation.
Formal Analysis
Fault Model
Definition (Fault injection): During the execution of an algorithm, the attacker can:
◮ modify any intermediate value by setting it to either a random value (randomizing fault) or zero (zeroing fault); such a fault can be either permanent or transient;
◮ skip any number of consecutive instructions (skipping fault).
At the end of the computation the attacker can read the result returned by the algorithm.
Definition (Attack order): We call order of the attack the number of fault injections in the computation. An attack is said to be high-order if its order is strictly more than 1.
Formal Analysis / Fault Model
Data-Code Faulting Equivalence Lemma
Lemma (Equivalence between faults on the code and on the data): The effect of a skipping fault (i.e., a fault on the code) can be captured by considering only randomizing and zeroing faults (i.e., faults on the data).
◮ If the skipped instructions are part of an arithmetic operation:
  ◮ either the computation has not been done at all: its result becomes zero (if initialized) or random (if not),
  ◮ or the computation has partly been done: its result is thus considered random at our modeling level.
◮ If the skipped instruction is a branching instruction, it is equivalent to faulting the result of the branching condition:
  ◮ to zero (i.e., false), to avoid branching,
  ◮ to random (i.e., true), to force branching.
Formal Analysis
Algorithm Description
◮ Low level enough for the attack to work if protections are not implemented.
◮ An intermediate variable that would appear during refinement could be the target of an attack, but such a fault would propagate to an intermediate variable of the high level description.
finja
◮ Input:
  ◮ a high level description of the computation, and
  ◮ an attack success condition.
◮ Output:
  ◮ either the list of possible attacks, or
  ◮ a proof that the computation is resistant to fault injections.
⇒ http://pablo.rauzy.name/sensi/finja.html
finja
How does it Work?
◮ The description of the computation is transformed into a term.
◮ The term is a tree which encodes:
  ◮ dependencies between the intermediate values, and
  ◮ properties of the intermediate values (such as being null, being null modulo another term, or being a multiple of another term).
◮ Each intermediate value (subterm of the tree) can be faulted, in which case its properties become:
  ◮ nothing, in the case of a randomizing fault, or
  ◮ being null, in the case of a zeroing fault.
◮ Symbolic computation by term rewriting is used to simplify the term and the attack success condition.