Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption
Robert Primas, Peter Pessl, Stefan Mangard
IAIK, Graz University of Technology, Austria
CHES 2017, September 28
www.iaik.tugraz.at
Outlook
- Single-trace SCA on masked asymmetric lattice-based encryption
- Combination of a template attack (TA) with:
  - Belief Propagation
  - Lattice Decoding
⇒ Full private key recovery
Motivation
- Lattice-based cryptography is a promising PQ candidate:
  - quantum computer resistant
  - many efficient schemes available
- Not a lot of analysis of implementation security so far
⇒ First single-trace SCA on lattice-based crypto
Ring-LWE Encryption
- Proposed by Lyubashevsky, Peikert and Regev [LPR10]
- Based on the Learning with Errors problem
- Operates on polynomials in the ring Z_q[x] / (x^n + 1)
- In our setting: q = 7681, n = 256
Ring-LWE Encryption (all calculations are in Z_q[x] / (x^n + 1))
Alice holds the private key r_2 and the public key (a, p); Bob holds the encoded message m.
Bob samples the error polynomials e_1, e_2, e_3 ← χ^n and sends to Alice:
  c_1 = a e_1 + e_2          (ciphertext 1)
  c_2 = p e_1 + e_3 + m      (ciphertext 2)
Ring-LWE Decryption (all calculations are in Z_q[x] / (x^n + 1))
Alice computes m = c_1 r_2 + c_2
⇒ Inefficient: > O(n^2) due to the polynomial division
Number Theoretic Transform (NTT)
- Efficient polynomial multiplication in certain rings, e.g. Z_q[x] / (x^n + 1)
- Similar to the FFT: ab = INTT(NTT(a) ∗ NTT(b))
- Features a butterfly network
NTT - Butterfly (2 coefficients)
[Figure: a single butterfly. Inputs x_{0,0} and x_{0,1}; x_{0,1} is multiplied by the twiddle factor ω_n^0, the sum gives the output x_{1,0} ("+") and the difference gives x_{1,1} ("-").]
NTT - Butterfly Network (4 coefficients)
[Figure: two layers of butterflies mapping the inputs x_{0,0}, ..., x_{0,3} via x_{1,0}, ..., x_{1,3} to the outputs x_{2,0}, ..., x_{2,3}.]
NTT - Butterfly Network (256 coefficients)
[Figure: excerpt of the 256-coefficient network; the twiddle factors ω_n^0 and ω_n^1 label the multiplications in the first layers.]
Efficient Ring-LWE Decryption (all calculations are in Z_q[x] / (x^n + 1); x̃ denotes the NTT transform of x)
Alice computes m = c_1 r_2 + c_2 = INTT(c̃_1 ∗ r̃_2 + c̃_2)
⇒ Faster: O(n log n)
Attack Idea (x̃ denotes the NTT transform of x)
Given the ciphertext (c̃_1, c̃_2), which is public, and the private key r̃_2, decryption is defined as:
  m = INTT(c̃_1 ∗ r̃_2 + c̃_2) mod q,   where I_INTT := c̃_1 ∗ r̃_2 + c̃_2 is the input of the INTT
Thus r̃_2 can be expressed as:
  r̃_2 = (I_INTT − c̃_2) ∗ c̃_1^{-1} mod q
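The NTT-based decryption and the Attack Idea algebra above, as an added Python example that is not part of the slides or of the de Clercq et al. implementation: it builds the negacyclic NTT for q = 7681, n = 256 out of the slides' +/- butterflies, runs the decryption m = INTT(c̃_1 ∗ r̃_2 + c̃_2), and checks that the INTT input I_INTT together with the public ciphertext already yields r̃_2, which is why this intermediate needs protection. The key generation, the ternary error sampler and the bit encoding (0 → 0, 1 → q/2) are constructed for the illustration and are assumptions, not the scheme's own parameters.

```python
import random

Q, N = 7681, 256                      # parameters from the slides
# psi: primitive 2n-th root of unity mod q (psi^n = -1); omega = psi^2 has order n
PSI = next(x for x in range(2, Q) if pow(x, N, Q) == Q - 1)
OMEGA = PSI * PSI % Q
pmul = lambda at, bt: [x * y % Q for x, y in zip(at, bt)]   # coefficient-wise product
padd = lambda a, b: [(x + y) % Q for x, y in zip(a, b)]
def butterfly_ntt(a, w):
    """Recursive Cooley-Tukey NTT; each recursion level is one butterfly layer."""
    n = len(a)
    if n == 1:
        return list(a)
    even, odd = butterfly_ntt(a[0::2], w * w % Q), butterfly_ntt(a[1::2], w * w % Q)
    out = [0] * n
    for k in range(n // 2):
        t = pow(w, k, Q) * odd[k] % Q     # multiplication by the known twiddle factor
        out[k], out[k + n // 2] = (even[k] + t) % Q, (even[k] - t) % Q  # "+" / "-" outputs
    return out
def ntt(a):    # pre-multiplying by psi^j makes the cyclic NTT negacyclic (mod x^n + 1)
    return butterfly_ntt([a[j] * pow(PSI, j, Q) % Q for j in range(N)], OMEGA)
def intt(at):
    a = butterfly_ntt(at, pow(OMEGA, -1, Q))
    return [a[j] * pow(N * pow(PSI, j, Q), -1, Q) % Q for j in range(N)]
def mul(a, b):  # a*b in Z_q[x]/(x^n + 1) via the NTT, as on the slides
    return intt(pmul(ntt(a), ntt(b)))
def decrypt(r2, c1, c2):
    """m = INTT(c1~ * r2~ + c2~); returns the decoded bits and the INTT input I_INTT."""
    i_intt = padd(pmul(ntt(c1), ntt(r2)), ntt(c2))
    return [1 if Q // 4 <= x < 3 * Q // 4 else 0 for x in intt(i_intt)], i_intt
def key_from_intt_input(i_intt, c1, c2):
    """r2~ = (I_INTT - c2~) * c1~^-1 coefficient-wise; None where c1~[i] = 0 has no inverse."""
    return [None if x == 0 else (i - y) * pow(x, -1, Q) % Q
            for i, x, y in zip(i_intt, ntt(c1), ntt(c2))]

def demo(seed=2017):
    """Returns (decryption correct, r2~ recovered at every invertible position, #skipped)."""
    random.seed(seed)
    small = lambda: [random.choice((-1, 0, 1)) % Q for _ in range(N)]  # constructed error sampler
    a, r1, r2 = [random.randrange(Q) for _ in range(N)], small(), small()
    p = [(x - y) % Q for x, y in zip(r1, mul(a, r2))]           # public key (a, p = r1 - a*r2)
    bits, e1, e2, e3 = [random.randrange(2) for _ in range(N)], small(), small(), small()
    c1 = padd(mul(a, e1), e2)                                   # c1 = a*e1 + e2
    c2 = padd(padd(mul(p, e1), e3), [b * (Q // 2) for b in bits])  # c2 = p*e1 + e3 + m
    dec, i_intt = decrypt(r2, c1, c2)
    rec = key_from_intt_input(i_intt, c1, c2)
    hits = [x == y for x, y in zip(rec, ntt(r2)) if x is not None]
    return dec == bits, all(hits), rec.count(None)
```

Coefficients with c̃_1[i] = 0 mod q have no inverse and come back as None, so this algebra alone recovers r̃_2 only at the invertible positions.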
Attack Strategy
Steps:
1. Single-trace TA on the INTT operation
2. Leakage combination via Belief Propagation (BP)
3. Key recovery via lattice decoding
Step 1: Template Attack
- Efficient SW implementation by de Clercq et al. [dCRVV15]
- Texas Instruments MSP432 (ARM Cortex-M4F)
- EM side channel of the power regulation circuitry
- Observed traces are expected to be close to the power consumption
Step 1: Template Attack
- Target: the modular multiplication in each butterfly
- One factor of the multiplication is always known (ω_n^x)
- Additional exploitation of timing information
- Goal: a probability distribution over each observed coefficient
[Figure: the 2- and 4-coefficient butterfly networks from above, with the targeted multiplications marked.]
Step 2: Belief Propagation
- Iterative algorithm
- Calculates marginal distributions
- Combines leakage information
- Usage in SCA first proposed by Veyrat-Charvillon et al. [VGS14]
[Figure: the 2-coefficient butterfly (x_{0,0}, x_{0,1} → x_{1,0}, x_{1,1}, twiddle factor ω_n^0), shown over five animation steps.]
Step 2: Belief Propagation
Considerations:
- Uneven distribution of side-channel information
- Bad TA performance in the first layer (ω_n^0 = 1)
[Figure: map over variable index 0..255 and layer index 1..8 of which butterflies perform a multiplication (MUL) and which do not (No MUL).]
Step 2: Belief Propagation
Solution: perform BP on 3 sub-networks (FG 1, FG 2, FG 3), ignoring areas with
- no / little side-channel information
- comparably noisy side-channel information
Not all inputs can be recovered → Step 3
[Figure: the three factor-graph sub-networks FG 1, FG 2, FG 3 over variable index 0..255 and layer index 1..8.]
Step 2: Belief Propagation
[Figure: entropy (in bits, 0 to 13) of each variable (index 0..127) per layer (2..8) after BP iterations 0, 1, 2 and 3.]