side channel plaintext recovery attacks on leakage
play

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient - PowerPoint PPT Presentation

Jun 02, 2023 •44 likes •284 views

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017 Content Differential power analysis for key recovery Re-keying

  1. Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017

  2. Content Differential power analysis for key recovery Re-keying countermeasure: few data inputs Summary: Re-keying induces DPA that allows to recover constant plaintexts Streaming mode: first-order DPA Block mode: profiled second-order DPA Multi-party communication, memory encryption Particularly critical for long-term keys 30. March 2017 Thomas Unterluggauer, Graz University of Technology 2

  3. Motivation K Symmetric cryptography, e.g., block cipher E Key K used for multiple p i , c i E p i c i Differential Power Analysis (DPA) n encryptions: E K ( p i ) ℓ Observe power consumption Statistical analysis reveals K 30. March 2017 Thomas Unterluggauer, Graz University of Technology 3

  4. Motivation k i Protect implementation (masking) Change key frequently (re-keying) E p i c i Reduce input data complexity Leakage-resilient encryption ℓ Protects the key i Plaintext? 30. March 2017 Thomas Unterluggauer, Graz University of Technology 4

  5. Leakage-Resilient Encryption Extends re-keying to messages of arbitrary length Secure (leak-free) initialization Derive session key k i from master key K Security proof: Assumption: bounded side-channel leakage of the used primitive Scheme’s total leakage on the key is bounded 30. March 2017 Thomas Unterluggauer, Graz University of Technology 5

  6. Leakage-Resilient Streaming Mode [SPY + 10] n C A C A g k 0 E E k 1 k 2 … K C B C B E y 0 E y 1 p 0 c 0 p 1 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 6

  7. Leakage-Resilient Block Mode [TS15] n C A C A g k 0 E k 1 E k 2 … K p 0 p 1 E E c 0 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 7

  8. DPA on Leakage-Resilient Encryption 30. March 2017 Thomas Unterluggauer, Graz University of Technology 8

  9. DPA on Streaming Mode (1) n C A C A g k 0 E k 1 E k 2 … K C B C B E y 0 E y 1 p 0 c 0 p 1 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 9

  10. DPA on Streaming Mode (2) Encryption of constant p 0 with different keys k 0 , k ′ 0 , k ′′ 0 Leakage model for y 0 = c 0 ⊕ p 0 , e.g., HW Compute leakage for all possible values of p 0 Statistical distinguisher to get correct p 0 C B p 0 y 0 E k 0 c 0 30. March 2017 Thomas Unterluggauer, Graz University of Technology 10

  11. DPA on Streaming Mode (3) Standard DPA on XOR Applies to all stream ciphers Key stream always changes: pad must not be reused Encryption of the same plaintext... 30. March 2017 Thomas Unterluggauer, Graz University of Technology 11

  12. DPA on Streaming Mode: Evaluation Implementation of LR streaming mode Single AES core with one round per cycle Multiplexing: pad computation and key update Apply 128-bit pad to plaintext in parallel Sakura G board Spartan 6 LX75 FPGA @ 24 MHz Hardware trigger LeCroy WP725Zi @ 250 MS Correlation with byte-wise hypotheses 30. March 2017 Thomas Unterluggauer, Graz University of Technology 12

  13. DPA on Streaming Mode: Evaluation 0.15 Correlation 0.1 0.05 0 10 , 000 20 , 000 30 , 000 40 , 000 Number of Traces 30. March 2017 Thomas Unterluggauer, Graz University of Technology 13

  14. DPA on Block Mode (1) n C A C A g k 0 E k 1 E k 2 … K p 0 p 1 E E c 0 c 1 30. March 2017 Thomas Unterluggauer, Graz University of Technology 14

  15. DPA on Block Mode (2) Encryption of constant p 0 with different keys k 0 , k ′ 0 , k ′′ 0 Block cipher: no simple leakage model using p 0 Unknown Plaintext Template Attacks [HTM09] Constant key and varying, unknown plaintext Idea: switch roles of key and plaintext p 0 E k 0 c 0 30. March 2017 Thomas Unterluggauer, Graz University of Technology 15

  16. DPA on Block Mode (3) Profiling phase: templates for k 0 , 0 and v 0 Attack phase: Probabilities for k 0 , 0 and v 0 Joint probability of k 0 , 0 and v 0 → p 0 , 0 Many different keys to get unique p 0 , 0 k 0,0 p 0 E v 0 k 0 S p 0,0 … c 0 30. March 2017 Thomas Unterluggauer, Graz University of Technology 16

  17. DPA on Block Mode: Evaluation Implementation of LR block mode AES: Byte-oriented C Implementation (AVR-Crypto-Lib) ChipWhisperer-Lite Atmel XMEGA128D4-U @ 7 . 4 MHz Sampling on board 29 . 5 MS Template building using 30 000 traces Hamming weight of a byte (key / sbox) Multivariate Gaussian templates (50 POI) 30. March 2017 Thomas Unterluggauer, Graz University of Technology 17

  18. DPA on Block Mode: Evaluation · 10 − 4 3 S-box Key 2 Variance 1 0 0 500 1 , 000 1 , 500 2 , 000 2 , 500 3 , 000 Sample 30. March 2017 Thomas Unterluggauer, Graz University of Technology 18

  19. DPA on Block Mode: Evaluation 1 0 . 8 Probability 0 . 6 0 . 4 0 . 2 0 0 1 , 000 2 , 000 3 , 000 4 , 000 5 , 000 Number of Traces 30. March 2017 Thomas Unterluggauer, Graz University of Technology 19

  20. Applications Leakage rises with the amount of processed data Mixing constant with varying data Key vs. plaintext leakage Communication protocols SSL: fresh session key Download static file from, e.g., webserver LR encryption: transmission errors Constrained resources: re-encryption Key wrapping insufficient 30. March 2017 Thomas Unterluggauer, Graz University of Technology 20

  21. Application: Memory Encryption RAM encryption: fresh key on startup, e.g., Intel SGX Critical if long-term key is loaded into RAM Plaintext recovery = key recovery Storage with LR encryption: Read-modify-write operations Key update when a part changes E.g., 1 byte in 128-bit block RAM encryption using counter mode: Pad computed from address and block counter Key changes on every copy and write-back 30. March 2017 Thomas Unterluggauer, Graz University of Technology 21

  22. Conclusion Security of re-keying in LR encryption Protects the key from SCA Vulnerability: re-encryption of constant plaintexts 1st order DPA on stream cipher 2nd order template attack on block mode Classical setting: mixing constant with varying data Relevance: memory encryption and multi-party communication Use masking in these applications 30. March 2017 Thomas Unterluggauer, Graz University of Technology 22

  23. Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017

  24. References [HTM09] Neil Hanley, Michael Tunstall, and William P . Marnane. Unknown plaintext template attacks. In WISA 2009 , pages 148–162, 2009. [SPY + 10] Franc ¸ois-Xavier Standaert, Olivier Pereira, Yu Yu, Jean-Jacques Quisquater, Moti Yung, and Elisabeth Oswald. Leakage resilient cryptography in practice. In Towards Hardware-Intrinsic Security – Foundations and Practice , pages 99–134. 2010. [TS15] Mostafa M. I. Taha and Patrick Schaumont. Key updating for leakage resiliency with application to AES modes of operation. IEEE Trans. Information Forensics and Security , 10(3):519–528, 2015. 30. March 2017 Thomas Unterluggauer, Graz University of Technology 24

Recommend

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com MCrypt Seminar Aug. 11th 2014 Outline 1 Introduction 2 Modeling side-channel leakage 3 Achieving provable security against SCA

1.62k views • 92 slides
Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World Crypto & Privacy ibenik , Croatia Outline Why physical attacks matter Implementation attacks and power analysis Leakage Detection

972 views • 52 slides
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Friday, September 11 th , 2015 Motivation Physical Attacks & Countermeasures input output input output Timing, Power, EM,

746 views • 47 slides
Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of

Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of

Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of Technology, The Netherlands May 6, 2018 Outline 1 Side-channels 2 Implementation Attacks 3 Side-channel Attacks 4 Fault Injection 2 / 48

824 views • 48 slides
Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 21

Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 21

I SAP Towards Side-channel Secure AE Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer ESC 2017 www.iaik.tugraz.at Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . .

476 views • 33 slides
Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 18

Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 18

I SAP Towards Side-channel Secure AE Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer FSE 2017 www.iaik.tugraz.at Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . .

635 views • 30 slides
Analyzing Side-Channel Leakage of RFID-Suitable Lightweight

Analyzing Side-Channel Leakage of RFID-Suitable Lightweight

Ins$tute for Applied Informa$on Processing and Communica$ons (IAIK) Analyzing Side-Channel Leakage of RFID-Suitable Lightweight ECC Hardware

244 views • 23 slides
Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet

Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet

Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet nadia.el-mrabet@emse.fr Mines St Etienne WRACH2019, April 17, 2019 Side channel attacks Physical counter measures Algorithmic counter measures Arithmetical

900 views • 36 slides
Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas

Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas

Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas ROCHE ANSSI (French Network and Information Security Agency) Thursday, December 3rd, 2013 Side Channel Attacks (SCA)| Linear Regression Attack

340 views • 32 slides
SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna Ors Yal cn Istanbul Technical University Department of Electronics and Communication Engineering Introduction A side-channel analysis attack

1.81k views • 99 slides
How to Compute under AC 0 Leakage without Secure Hardware Guy Rothblum Microsoft Research

How to Compute under AC 0 Leakage without Secure Hardware Guy Rothblum Microsoft Research

How to Compute under AC 0 Leakage without Secure Hardware Guy Rothblum Microsoft Research Silicon Valley Protecting Sensitive Computations from Leakage/Side-Channel Attacks Sensitive computations: Cryptographic Algorithms Secret Key

232 views • 20 slides
Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp,

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp,

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp, Adam Lackorzynski * , Jrmie Decouchant, Vincent Rahli, Francisco Rocha, and Paulo Esteves-Verssimo * Kernkonzept GmbH and University of

289 views • 28 slides
Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner

Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner

Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner Schindler Federal Office for Information Security (BSI), Bonn, Germany Leuven, September 13, 2012 Outline Introduction and motivation

799 views • 60 slides
Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks Pieter Robyns Motivation and introduction Motivation Information about performing EM side-channel attacks using SDR is quite scarce A few

758 views • 42 slides
HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume that secret keys are utilized by implementations of the algorithm in a secure fashion, with access only allowed through the I/Os Unfortunately,

363 views • 12 slides
Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal Holloway, University of London The 21st International Workshop on Fast Software Encryption March 4th, 2014 jacob.schuldt@rhul.ac.uk Agenda

684 views • 37 slides
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - 29. August 2015 Tobias Schneider & Amir Moradi Ruhr-Universitt Bochum Embedded Security Group Outline Motivation Statistical Background Testing

461 views • 43 slides
Elliptic Curve Cryptography on Embedded Devices Scalar Multiplication and Side-Channel Attacks

Elliptic Curve Cryptography on Embedded Devices Scalar Multiplication and Side-Channel Attacks

Elliptic Curves Side-Channel Countermeasures Conclusion Elliptic Curve Cryptography on Embedded Devices Scalar Multiplication and Side-Channel Attacks Vincent Verneuil 1 , 2 1 Inside Secure 2 Institut de Math ematiques de Bordeaux S

2.22k views • 188 slides
AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS PHISIC 2018 |

AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS PHISIC 2018 |

Nicolas Belleville Damien Courouss Karine Heydemann Henri-Pierre Charles AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS PHISIC 2018 | Belleville Nicolas INTRODUCTION Focus on power/EM based side channel

535 views • 31 slides
AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS SIDE CHANNEL ATTACKS

AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS SIDE CHANNEL ATTACKS

Nicolas Belleville 1 Damien Courouss 1 Karine Heydemann 2 1 Univ Grenoble Alpes, CEA, List, F-38000 Grenoble, France Henri-Pierre Charles 1 firstname.lastname@cea.fr 2 Sorbonne Universit, CNRS, LIP6, F-75005, Paris, France

715 views • 53 slides
Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs M. Medwed,

Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs M. Medwed,

Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs M. Medwed, F.-X. Standaert , A. Joux NXP & UCL Crypto Group & Univ. Versailles CHES 2012, Leuven, Belgium SCA security (implementation level) 1 SCA

857 views • 70 slides
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider

Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Wednesday, September 16 th , 2015 Motivation Security Evaluation Leakage Assessment Methodology | CHES 2015 | Tobias Schneider 2

1.15k views • 81 slides
Side-Channel Cryptanalysis Joseph Bonneau Security Group jcb82@cl.cam.ac.uk Rule 0: Attackers

Side-Channel Cryptanalysis Joseph Bonneau Security Group jcb82@cl.cam.ac.uk Rule 0: Attackers

Side-Channel Cryptanalysis Joseph Bonneau Security Group jcb82@cl.cam.ac.uk Rule 0: Attackers will always cheat xkcd #538 What is side channel cryptanalysis? Side Channels: whatever the designers ignored Key Plaintext Encryption Cipher

1.14k views • 112 slides
Enhancing the Power of Deep Learning in Side-Channel Analysis? Breaking multiple layers of

Enhancing the Power of Deep Learning in Side-Channel Analysis? Breaking multiple layers of

Plaintext: A Missing Feature for Enhancing the Power of Deep Learning in Side-Channel Analysis? Breaking multiple layers of side-channel countermeasures Anh-Tuan Hoang, Neil Hanley and Mire ONeill CHES 2020 14-18 September 2020 Outline

622 views • 21 slides

More recommend