AdiShamir SCA


7/28/2019 AdiShamir SCA

http://slidepdf.com/reader/full/adishamir-sca 1/50

A Top View of Side Channel Attacks

Adi Shamir

Computer Science Dept, The Weizmann Institute, Israel


The SCA FAQ

In this part of the talk I will address some broad questions related to side channel attacks:

Power (simple, differential, …)

EM (wires in chips, whole PC’s, …)

Timing (in programs, across networks, …)

Fault (power glitch, time jitter, …)

Visual (CRT’s, router LED’s, …)

Acoustic (PC’s, keyboards, …)

Cache (on RSA, AES, …)

…


Are side channel attacks new?

Academic researchers started working on SCA between 1996-1999

Crypto as a war between cryptographers and cryptanalysts

Sun Tzu, The Art of War: In war, avoid what is strong and attack what is weak


Are side channel attacks new?

Foreign embassies vs smart cards: Common themes

Externally supplied power and communication links

Vulnerable to probing with microwave radiation

EM and acoustic eavesdropping attacks

Vulnerable to fault attacks (bribes, blackmail)

Many SCA’s invented and perfected in this environment


Are side channel attacks new?

A few weeks ago, the NSA released the table of contents of its top secret internal technical journal from the years 1956-1980

It covers many topics related to the design and analysis of cryptosystems

Side channel attacks (especially tempest) are extensively covered

Surprisingly, there is absolutely no mention of public key cryptography in any of the titles


First page of the released document:


A typical collection of papers on cryptanalysis:


Did SCA’s have any impact on the theoretical foundations of crypto?

The “standard model” of cryptography:

A cryptosystem is a mathematical function

Its security is a mathematical theorem

Protocols are interacting Turing Machines

A dishonest party can do anything, but an honest party does ONLY what it is supposed to do


The difference between theory and practice:


Is this model still relevant?

The standard model of cryptography is increasingly problematic due to the existence of SCA’s

Many scenarios today do not fit our assumptions

However, there is little theoretical analysis of SCA’s in academic research papers


How did SCA’s affect RSA? A personal perspective

For 20 years I have studied the provable properties of the RSA function: Bit security, relationship to factoring, reductions, RSA vs Rabin, provably secure applications

RSA seemed to be very robust and well understood

In 1996: Boneh, DeMillo and Lipton proved that in RSA-CRT, making any single computational mistake completely breaks the scheme by factoring the public key

This exposes the incredible fragility of cryptosystems
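The Boneh-DeMillo-Lipton result above, as an added example that is not part of the talk: a toy RSA-CRT signer in which one of the two half-size exponentiations is corrupted, the gcd computations that recover a prime factor from the faulty output, and the verify-before-release check that keeps a faulty signature from ever leaving the device. All key values are constructed and tiny; the arithmetic is the same at real sizes.

```python
from math import gcd

# Constructed toy key (real keys use ~1024-bit primes; the arithmetic is identical)
P, Q = 61, 53
N = P * Q
E = 17
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)        # CRT exponents
Q_INV = pow(Q, -1, P)                    # Garner recombination constant

def crt_sign(m, fault=False):
    """RSA-CRT signature s = m^D mod N via two half-size exponentiations.
    fault=True corrupts the mod-Q half only, modelling one computational mistake."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sq = (sq + 1) % Q
    h = (Q_INV * (sp - sq)) % P
    return sq + Q * h              # correct mod P, wrong mod Q when faulted

def factor_from_pair(s_good, s_bad):
    """Boneh-DeMillo-Lipton: the two signatures agree mod P but not mod Q,
    so gcd(s_good - s_bad, N) is the prime P."""
    return gcd(s_good - s_bad, N)

def factor_from_single(m, s_bad):
    """Lenstra's variant: one faulty signature suffices, because
    s_bad^E == m holds mod P only."""
    return gcd(pow(s_bad, E, N) - m, N)

def crt_sign_checked(m, fault=False):
    """Countermeasure: verify with the public exponent before release, so a
    faulty result is never handed to the caller."""
    s = crt_sign(m, fault)
    if pow(s, E, N) != m % N:
        raise RuntimeError("CRT result failed verification; possible fault")
    return s
```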


Is there a systematic approach to SCA’s?

Unfortunately, the situation is similar to airport security:

Each attack utilized a completely different approach

Each countermeasure works only against a specific attack

We have no way to predict the next attack, and protecting against all conceivable attacks is impossible


Is there a systematic approach to SCA’s?

This is very different from the classical cryptanalytic problem of block ciphers, in which:

We do not know all the possible attacks, but the number of completely different ideas seems to be very limited

New attacks are often only of theoretical interest

Most of the attacks can be overcome in principle by the common strategy of having sufficiently many rounds, and having large margins of safety against known attacks


Should we change the way we design new cryptosystems?

SCA’s even put in doubt our main construction tool:

To build a strong block cipher, compose a large number of weak steps.

This ignores the fact that intermediate values may leak out, and weak steps are easy to analyze


Should we change the way we design new cryptosystems?

Perhaps we should:

Use only large chunks of key and data (e.g., 64 bits) to make it harder to exploit Hamming weight info and to exhaustively search for explanations for partially exposed intermediate values

Use in a better way the inherent parallelism of modern microprocessors

Ask Intel to add a dedicated security coprocessor to implement AES/RSA in its future microprocessors


Which SCA has a lot of untapped potential?

Timing attacks provide only a few bits of data, and are the easiest to avoid

Probing attacks on smart cards typically record few wires

Differential power analysis ignores most of the data, looking just for differences in behavior between averages

Simple power analysis provides a huge amount of data, but we do not currently know how to exploit it. I expect a lot of progress in this area in the next few years


Which area is likely to be least affected by SCA’s?

Hash functions have no secrets

Collisions are not likely to be known by anyone


Which area is likely to be most affected by SCA’s?

Quantum cryptography

Its main claim to fame is its perfect provable security

At least two attacks described so far, and others are likely:

– Acoustic attack

– Light pulse attack

If found, they can make this expensive and cumbersome solution unattractive


What are the latest trends in SCA’s?

The original SCA attacks concentrated on small systems such as smart cards or peripherals

There is new emphasis now on larger systems such as PC’s

There is some initial interest in tiny systems such as RFID tags


Example: How can we apply a lunchtime power analysis attack to desktop PC’s?

The attacker cannot easily cut the power cord or open the box

A possible solution: the USB connector

It supplies both power and data to external devices

Many security programs control the USB connection


The spectrum of USB power with power cutoff


The real-time signal of USB power at 294 KHz during OPENSSL decryption


Cache Attacks:

A new family of side-channel attacks, developed simultaneously in 2005/6 by:

Bernstein (basic idea, partial AES key recovery)

Percival (attack on RSA)

Osvik, Shamir and Tromer (full attack on AES)


Cache Attacks:

Pure software attacks

Very efficient (e.g., full AES key extraction from Linux encrypted file system in 65 ms; require only the ability to run code in parallel on the target machine)

Compromise otherwise well-secured systems (e.g., VPN’s using AES)

Can be used to attack virtualized machines (e.g., jail(), Xen, UML, Virtual PC, VMware) using untrusted code (e.g., ActiveX, Java applets, managed .NET, JavaScript)

NSA US Patent 6,922,774


Basic cache technology

(Figure: CPU core, with a 60% speed increase per year; CPU cache memory, typical latency 0.3 ns; main memory, with a 7-9% latency decrease per year, typical latency 50-150 ns)


(Figure: DRAM and cache; a 64-byte memory block maps to a 64-byte cache line; a cache set holds 4 cache lines)


Measuring the effect of the encryption on the cache:

(Figure: DRAM, cache, T0, attacker memory)


Programs compete for cache locations:

(Figure: DRAM, cache, T0, attacker memory)


Measurement via effect of encryption on cache

(Figure: DRAM, cache, T0, attacker memory)

1. Completely evict tables from cache

2. Trigger a single encryption

3. Access attacker memory again and see which cache sets are slow


Experimental example

Measuring a Linux 2.6.11 dm-crypt encrypted filesystem with ECB AES on Athlon 64, using 30,000 samples.

Horizontal axis: evicted cache set. Vertical axis: p[0]. Brightness: encryption time (normalized).

Left: raw. Right: after subtracting cache set average.
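To show what the three-step measurement observes and why the experimental picture has its structure, here is an added toy model that is not code from the talk or from the Osvik-Shamir-Tromer paper. It tracks only the first-round T0 lookups (bytes 0, 4, 8 and 12 index T0 with p[i] xor k[i]), counts which of T0's 16 cache lines each encryption re-fetches for every value of p[0], and contrasts that key-dependent footprint with an implementation that reads every line of the table on every call. The key is the FIPS-197 example key and the plaintexts are random, both constructed for the example.

```python
import random

LINE_BYTES, ENTRY_BYTES = 64, 4                 # 64-byte cache lines (from the talk), 4-byte T-table entries
ENTRIES_PER_LINE = LINE_BYTES // ENTRY_BYTES    # 16 entries per line
N_LINES = 256 // ENTRIES_PER_LINE               # T0 spans 16 lines, i.e. 16 consecutive cache sets

# Constructed test key (the FIPS-197 example key); k[0] = 0x2b, high nibble 2
KEY = [0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
       0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c]

def t0_lines_touched(pt, key, constant_footprint=False):
    """Lines of T0 touched in AES round 1; bytes 0,4,8,12 index T0 with p[i]^k[i].
    Toy model: later rounds are ignored. With constant_footprint the code reads
    every line of T0 on every call (a simple mitigation), so the footprint no
    longer depends on p^k."""
    if constant_footprint:
        return set(range(N_LINES))
    return {(pt[i] ^ key[i]) >> 4 for i in (0, 4, 8, 12)}

def footprint_matrix(key, samples=200, constant_footprint=False, seed=1):
    """Rows: p[0] (0..255). Columns: evicted T0 line. Entry: fraction of encryptions
    that re-fetched that line, the 'slow' probability drawn as brightness in the talk."""
    rng = random.Random(seed)
    matrix = []
    for p0 in range(256):
        hits = [0] * N_LINES
        for _ in range(samples):
            pt = [p0] + [rng.randrange(256) for _ in range(15)]  # constructed random plaintext
            for line in t0_lines_touched(pt, key, constant_footprint):
                hits[line] += 1
        matrix.append([h / samples for h in hits])
    return matrix

def leaked_k0_high_nibble(matrix):
    """What the picture gives away: the one line hit on 100% of samples for a row
    p[0] is (p[0]^k[0])>>4, so every row votes for k[0]>>4. Returns None when the
    rows are flat or ambiguous, i.e. when the footprint is independent of the key."""
    votes = set()
    for p0, row in enumerate(matrix):
        certain = [line for line, frac in enumerate(row) if frac == 1.0]
        if len(certain) != 1:
            return None
        votes.add(((certain[0] << 4) ^ p0) >> 4)
    return votes.pop() if len(votes) == 1 else None
```

The leaky model yields a single diagonal stripe in the (p[0], line) plane, the same shape as the right-hand picture above; the constant-footprint model yields a flat matrix and no vote.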


Power Analysis of RFID Tags

An RFID tag is a very simple computer, usually associated with a physical object

Tags communicate with a powerful reader over a wireless link

EPC tags: passive tags, radiatively coupled, 900MHz, read/write memory


Components of the EPC RFID System

(Figure: Reader, Tag)

The reader has a powerful antenna and an external power supply

The reader surrounds itself with an electromagnetic field

The tag is illuminated by this field


Reader ↔ Tag Data Exchange

(Figure: Reader, Tag)

The reader sends commands to the tag via pulse amplitude modulation

The tag sends responses to the reader via backscatter modulation


The lab setup


Summary of the attack:

The RF power reflected by an RFID tag is dependent on its internal power consumption

This property allows power analysis attacks to be performed over a distance in a completely passive way

In the short term, it can be used to extract the kill or access passwords of EPC tags


Cracking passwords with power analysis

We send the password to a secure device bit by bit

The first wrong bit is very “exciting”

Allows password to be recovered in linear time
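The bit-serial password check described above, as an added example that is not from the talk: a compare that stops at the first wrong bit (its bits_processed output standing in for the point in the power trace where activity stops) beside one that always touches every bit, and a recovery loop showing that the first needs only one query per set bit of a constructed 32-bit EPC-style password, while the second gives the loop nothing to work with. The password value and the 32-bit length are assumptions for the example.

```python
# Constructed 32-bit password (EPC kill/access passwords are 32 bits wide)
SECRET = bytes.fromhex("a5c30f71")

def bit(data, i):
    """Bit i of data, most significant bit first."""
    return (data[i // 8] >> (7 - i % 8)) & 1

def set_bit(data, i):
    b = bytearray(data)
    b[i // 8] |= 1 << (7 - i % 8)
    return bytes(b)

def leaky_check(received, secret=SECRET):
    """Bit-serial compare that stops at the first wrong bit.
    Returns (match, bits_processed); bits_processed is what the trace reveals."""
    for i in range(len(secret) * 8):
        if bit(received, i) != bit(secret, i):
            return False, i + 1
    return True, len(secret) * 8

def constant_time_check(received, secret=SECRET):
    """Examines every bit whatever the input, so bits_processed is always 32."""
    diff = 0
    for a, b in zip(received, secret):
        diff |= a ^ b
    return diff == 0, len(secret) * 8

def recover(check, nbits=32):
    """Rebuild the password from the stop position: each query fixes one more bit.
    Gives up after nbits+1 queries, which is all a leaky check ever needs."""
    guess = bytes(nbits // 8)
    for queries in range(1, nbits + 2):
        ok, processed = check(guess)
        if ok:
            return guess, queries
        guess = set_bit(guess, processed - 1)   # the first wrong bit must be a 1
    return None, nbits + 1
```

Against the constant-time check the loop only ever learns "32 bits processed", so the remaining search space is the full 2^32 passwords.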


Existence of parasitic backscatter

(1) Trace shows the signal reflected from a Generation 1 tag during a kill command

Tag is supposed to be completely silent

Is it? Let’s zoom in…

(Figure axes: power vs. time)


Extracting one password bit

Here, the tag is expecting “1111 1111”

Here, it is expecting “0000 0001”

In both cases, tag gets “0000 0000”

(Figure axes: power vs. time)
