Pseudorandom Black Swans: Cache Attacks on CTR DRBG (PowerPoint presentation)

  1. Pseudorandom Black Swans: Cache Attacks on CTR DRBG
Shaanan Cohney 1, Andrew Kwong 2, Shahar Paz 3, Daniel Genkin 2, Nadia Heninger 4, Eyal Ronen 5, Yuval Yarom 6
1 University of Pennsylvania, 2 University of Michigan, 3 Tel Aviv University, 4 University of California, San Diego, 5 Tel Aviv University and COSIC (KU Leuven), 6 University of Adelaide and Data61

  2-5. Lesson Learned (the hard way)
Plenty of real-world random number generation disasters:
◮ Dual EC Backdoor
◮ Juniper Dual EC Incident (RWC 2016)
◮ DUHK Attack on ANSI X9.31
1 Pseudorandom Black Swans Cohney, Kwong, Paz, Genkin, Heninger, Ronen, Yarom

  6-8. Standardized Designs
NIST SP 800-90 series lists approved designs:
◮ Dual EC (deprecated in disgrace)
◮ HMAC DRBG
◮ HASH DRBG
◮ CTR DRBG
Limited formal analysis until Woodage and Shumow (RWC 2018)

  9-12. CTR DRBG
◮ Highly popular (67.8% of FIPS certifications), integrated into libraries, OSes, CPUs
◮ Design:
  • State consists of key K and counter V
  • Encrypts incrementing counter to generate output
  • Optional user-provided additional entropy

  13-15. CTR DRBG: Generate Function
Three Stage Process:
1. Advance State & Add Entropy
2. Produce Output
3. Advance State & Add Entropy
[Figure: data-flow diagram with labels (K, counter + 1, addin) -> AES -> output, and the resulting state (K, counter)]

  16. Key Rotation Flaw [WS19][CWPG+19]
Problem 1: Key is not rotated until after encryptions are done – not safe against key compromise!
Problem 2: Additional entropy is optional and implementer chosen.

  17. Problem 1: Key Not Rotated Often Enough
Attacker may be able to compromise K using a side channel attack.
An attacker then decrypts PRG output to learn state: D_K(output) = counter + 1
[Figure: (K, counter + 1) -> AES -> output]

  18-19. Problem 2: Lack of Entropy
Once attacker has (K, counter), guesses addin and calculates updated state.
If addin is used at all!
[Figure: (K, counter + 1, addin) -> AES -> (K, counter)]
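As an added example (not the talk's own code), a compact Go model of the generate function and the two problems from slides 13 to 19. It implements the AES-128, no-derivation-function variant of CTR DRBG as specified in SP 800-90A; the seed key and addin strings are constructed for the demo, and the leakedK field stands in for the cache-attack recovery of K that the talk describes. Predictable reports whether someone holding that K and one output block can reproduce the next call's output: true when no additional input is used, false when each call supplies fresh additional input the attacker does not know.

```go
package main

import "crypto/aes"

const blockLen, keyLen, seedLen = 16, 16, 32 // AES-128: block, key, and key||counter
// State is the slides' CTR DRBG state (key K, counter V); leakedK models Condition #1: the key in use during stage 2 being recovered through a cache attack.
type State struct{ K, V, leakedK []byte }

func incr(v []byte) { // V = V + 1 mod 2^128, big-endian
	for i := len(v) - 1; i >= 0; i-- { if v[i]++; v[i] != 0 { break } }
}
func aesOp(k, in []byte, decrypt bool) []byte { // one AES block; keys are always 16 bytes here
	c, _ := aes.NewCipher(k)
	out := make([]byte, blockLen)
	if decrypt { c.Decrypt(out, in) } else { c.Encrypt(out, in) }
	return out
}
// update is CTR_DRBG_Update (SP 800-90A, no derivation function): the new (K, V) is keystream under the current K, XORed with seedLen bytes of provided data.
func update(s *State, provided []byte) {
	var temp []byte
	for len(temp) < seedLen {
		incr(s.V)
		temp = append(temp, aesOp(s.K, s.V, false)...)
	}
	for i := range temp { temp[i] ^= provided[i] }
	s.K, s.V = temp[:keyLen:keyLen], temp[keyLen:]
}
// generate is the slides' three-stage Generate. Problem 1 is the ordering: stage 2 produces output under K, and K is rotated only in stage 3.
func generate(s *State, n int, addin []byte) []byte {
	padded := make([]byte, seedLen)
	copy(padded, addin)                     // addin is zero-padded to seedlen
	if len(addin) > 0 { update(s, padded) } // stage 1: advance state & add entropy
	s.leakedK = append([]byte(nil), s.K...) // modelled side-channel leak of K
	var out []byte
	for len(out) < n { // stage 2: encrypt the incrementing counter
		incr(s.V)
		out = append(out, aesOp(s.K, s.V, false)...)
	}
	update(s, padded) // stage 3: advance state & add entropy
	return out[:n]
}
// Predictable reports whether someone who learned K during the first Generate call can reproduce the second call's output under the given addin policy.
func Predictable(addin []byte) bool {
	s := &State{K: []byte("constructed-key!"), V: make([]byte, blockLen)} // demo seed
	out1 := generate(s, 32, addin)
	k, v := s.leakedK, aesOp(s.leakedK, out1[16:], true) // D_K(output) = counter + 1
	out2 := generate(s, 32, addin)
	guess := &State{K: k, V: v}
	update(guess, make([]byte, seedLen)) // Problem 2: replay stage 3 assuming no addin
	return string(generate(guess, 32, nil)) == string(out2)
}
```

Predictable(nil) returns true and Predictable([]byte("fresh entropy")) returns false, which is the talk's point: mandatory fresh additional input (or rotating K before output) is what stops a leaked key from exposing every later output.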

  20-22. Is a side-channel attack on CTR DRBG realistic?
Condition #1: Are CTR DRBG implementations vulnerable to side-channel attacks?
“T-table” AES has been a canonical target for cache attacks for 15 years.
Most crypto libraries now use AES-NI by default ... but not for AES when used in CTR DRBG.
Vulnerable T-table AES CTR DRBG implementations:
◮ OpenSSL 1.0.2 FIPS module
◮ NetBSD kernel systemwide PRG
◮ FortiOSv5
◮ mbedTLS-SGX
◮ nist rng library

  23. FIPS Requirements
“Cryptographic modules may be susceptible to other attacks for which testable security requirements were not available at the time this version of the standard was issued (e.g., power analysis, timing analysis, and/or fault induction) or the attacks were outside of the scope of the standard (e.g., TEMPEST)”
– Mitigation of Other Attacks (FIPS 140-2)

  24-26. Is a side-channel attack on CTR DRBG realistic?
Condition #2: Discover an attack scenario that produces enough output.
Is this a problem in real world protocols like TLS?
Scenario: Attacker compromises PRG state during protocol execution, uses it to compromise cryptographic secrets.
Empirically, cache attacks require around 2000 bytes of AES output to recover key.
Juniper and DUHK used nonces for state compromise, but these are too short for a cache attack.

  27-31. Finding long PRG outputs in TLS handshake
Brainstorming sources of additional PRG output in TLS handshake:
◮ RSA-PSS padding? ✗
  • Randomized signature padding
  • RFC 8446 restricts PSS salt length for TLS 1.2, so not enough output
◮ ExtendedRandom? ✗
  • Non-standard IETF proposal to permit clients to request up to 2^16 bytes of randomness from server
  • No known functional implementations
