Presentation is loading. Please wait.

Presentation is loading. Please wait.

Yossi Oren, yos strudel bgu.ac.il, yossioren System Security Engineering course, Dec

Published byRodger Dennis Modified over 7 years ago

Similar presentations

Presentation on theme: "Yossi Oren, yos strudel bgu.ac.il, yossioren System Security Engineering course, Dec"— Presentation transcript:

1 Yossi Oren, yos strudel bgu.ac.il, yossioren System Security Engineering course, Dec. 2015 1

2 2 372-2-5421 - מאלגוריתם למציאות : התקפות על מימושים של מערכות מאובטחות

3 3 Input Output Secure Functionality Secret

4 Output Sound Heat EM Radiation Power Vibration Timing Secure Device Bad Input Errors 4 Secret Input

5  A technique that allows attackers to extract information hidden inside a device, by analyzing the physical signals that the device emits as it performs a secure computation 5 From: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Mangard, Oswald and Popp, 2007

6 6 From: An Introduction to Implementation Attacks and Countermeasures, Thomas Popp, MEMOCODE 2009

7 7

8  Fundamentals  Power/EM attacks  Low Data Complexity  + Research Questions  High Data Complexity  + Research Questions  Architectural Attacks  + Research Questions 8

9  2 classes of chips: ASICs and Microcontrollers MicrocontrollerASIC Software-Defined Functionality Fixed (Hardware) Functionality Serial OperationParallel Operation Cheap to UseCheap to Manufacture 9

10 10

11 11

12 ⇐ Low Variance High ⇒ Variance ⇐ Low Correlation High ⇒ Correlation 12

13  Hamming Weight – amount of bits that are 1  HW(5) = ?  HW(0xE) = ?  Hamming Distance – amount of bits that are different  HW(5,0) = ?  HW(0xE,0xD) = ? 13

14  What device are we attacking? (DUT)  What countermeasures does the DUT have?  What secret are we after?  What is our measurement setup?  What sort of access do we have?  How intimate is our physical access?  How much data can we collect?  Is there an offline phase? 14

15  Power consumption is variable  Power consumption depends on instruction  Power consumption depends on data  Electromagnetic emanation depends on power consumption 15

16 q Power consumption V dd GND a q A P1 C1 C2 N1  The power consumption of a CMOS gate depends on the data: q: 0->0 virtually no power cons. q: 1->1 virtually no power cons. q: 0->1 high power cons. (proportional to C2) q: 1->0 high power cons. (proportional to C1)

17 Source: DPA Book 17

18 Source: DPA Book 18

19 Arm Activate Capture Retrieve 19

20 20

21 21 From: Introduction to differential power analysis, Kocher, Jaffe, Jun and Rotaghi, J. Cryptogr Eng. (2011) 1:5-27 +1 s_0_0_0 +1 s_0_0_1 +1 s_0_0_5 +1 s_0_0_6... +1 s_0_0_7 +1 e_s_0_0_p −1 e_s_0_0_n = 4 ;

22  Use statistical properties of traces to recover key  Pros:  Very limited reverse engineering  Harder to confuse  Cons:  Large amount of traces  Two main types of DPA:  Difference of means (traditional DPA)  Correlation power analysis (CPA) 22

23  We want to discover the correct key value (c k ) and when it is used (c t )  Idea:  On the correct time, the power consumption of all traces is correlated with the correct key  On other times and other keys the traces should show low correlation 23

24  Assume plaintext and correct key are known but correct time is unknown  Form hypothesis and test it  Good hypothesis:  Depends on known plaintext  Depends on small amount of key bits  Non-linear – sensitive to small changes  Maps to power consumption using a model 24

25  1000 traces, each consisting of 1 million points  Each trace uses a different known plaintext – 1000 plaintexts  1 known key  Hypothesis is vector of 1000 hypothetical power values  Output of warm-up CPA: vector of 1 million correlation values with peak at c t 25

26 26

27  Plaintext is known, but correct key and correct time unknown  Idea: run warm-up CPA many times in parallel  Create many competing hypotheses 27

28  1000 traces, each consisting of 1 million points  Each trace uses a different known plaintext – 1000 plaintexts  Key is unknown – 256 guesses for first byte  Hypothesis is matrix of 1000X256 hypothetical power values  Output of full CPA: matrix of 1,000,000X256 correlation values with peak at (c k,c t ) 28

29 29

30  Q1: How can we extract the most information from power traces?  Q2: How can we align different power traces together (in the presence of countermeasures)?  Q3: How can we expand the attacker model?  Simpler equipment  Less physical proximity 30

31 “attacks that exploit deeper processor ingredients below the trust architecture boundary” 31 From: Yet Another MicroArchitectural Attack: Exploiting I-Cache, Aciicmez, ACM CSAW 2007

32 Safari 8.0.6 Private BrowsingTor Browser 4.5.1

33  Q4: Can we break keys with this method?  Q5: Can we scale the measurement into the “open web”? 33

34  Join our cyber mailing list: http://cyber.bgu.ac.il/join http://cyber.bgu.ac.il/join 34

Download ppt "Yossi Oren, yos strudel bgu.ac.il, yossioren System Security Engineering course, Dec"

Similar presentations

Side-Channel Attacks on RSA with CRT Weakness of RSA Alexander Kozak Jared Vanderbeck.

Side-Channel Attacks on RSA with CRT Weakness of RSA Alexander Kozak Jared Vanderbeck.
Smart Card security analysis Smart Card security analysis Marc Witteman, TNO.

Smart Card security analysis Smart Card security analysis Marc Witteman, TNO.
Differential Fault Analysis on AES Variants Kazuo Sakiyama, Yang Li The University of Electro-Communications Nagoya, Japan.

Differential Fault Analysis on AES Variants Kazuo Sakiyama, Yang Li The University of Electro-Communications Nagoya, Japan.
Information Security – Theory vs. Reality 0368-4474-01, Winter 2011 Guest Lecturer: Yossi Oren 1.

Information Security – Theory vs. Reality , Winter 2011 Guest Lecturer: Yossi Oren 1.
An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology

An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology
Is there Safety in Numbers against Side Channel Leakage? Colin D. Walter UMIST, Manchester, UK www.co.umist.ac.uk.

Is there Safety in Numbers against Side Channel Leakage? Colin D. Walter UMIST, Manchester, UK
Low Cost Attack on Tamper Resistant Devices Ross Anderson, Markus Kuhn Songpol Manoonpong.

Low Cost Attack on Tamper Resistant Devices Ross Anderson, Markus Kuhn Songpol Manoonpong.
Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.

Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.
Khaled A. Al-Utaibi  Computers are Every Where  What is Computer Engineering?  Design Levels  Computer Engineering Fields  What.

Khaled A. Al-Utaibi  Computers are Every Where  What is Computer Engineering?  Design Levels  Computer Engineering Fields  What.
Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity 1.

Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity 1.
Algebraic Side-Channel Attacks Beyond the Hamming Weight Leakage Model 1.

Algebraic Side-Channel Attacks Beyond the Hamming Weight Leakage Model 1.
C ● O ● M ● O ● D ● O RESEARCH LAB Longer Keys may Facilitate Side Channel Attacks (Bradford, UK) Colin.

C ● O ● M ● O ● D ● O RESEARCH LAB Longer Keys may Facilitate Side Channel Attacks (Bradford, UK) Colin.
Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS 2012- Singapore.

Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS Singapore.
1 Remote Power Analysis of RFID Tags Joint work with Adi Shamir yossi.oren[at]weizmann.ac.il 28/Aug/06.

1 Remote Power Analysis of RFID Tags Joint work with Adi Shamir yossi.oren[at]weizmann.ac.il 28/Aug/06.
Side-Channel Attacks on Smart Cards. Timing Analysis Cryptosystems take different amount of time to process different inputs. Performance optimisations.

Side-Channel Attacks on Smart Cards. Timing Analysis Cryptosystems take different amount of time to process different inputs. Performance optimisations.
Radu Muresan CODES+ISSS'04, September 8-10, 2004, Stockholm, Sweden1 Current Flattening in Software and Hardware for Security Applications Authors: R.

Radu Muresan CODES+ISSS'04, September 8-10, 2004, Stockholm, Sweden1 Current Flattening in Software and Hardware for Security Applications Authors: R.
Automatic Application of Power Analysis Countermeasures Ali Galip Bayrak Francesco Regazzoni David Novo Philip Brisk François-Xavier Standaert Paolo Ienne.

Automatic Application of Power Analysis Countermeasures Ali Galip Bayrak Francesco Regazzoni David Novo Philip Brisk François-Xavier Standaert Paolo Ienne.
SIDE CHANNEL ATTACKS Presented by: Vishwanath Patil Abhay Jalisatgi.

SIDE CHANNEL ATTACKS Presented by: Vishwanath Patil Abhay Jalisatgi.
RRB/STS ORNL Workshop Integrated Hardware/Software Security Support R. R. BrooksSam T. Sander Associate ProfessorAssistant Professor Holcombe Department.

RRB/STS ORNL Workshop Integrated Hardware/Software Security Support R. R. BrooksSam T. Sander Associate ProfessorAssistant Professor Holcombe Department.
Inferno : Side-channel Attacks for Mobile Web Browsers Manuel Philipose, Matthew Halpern, Pavel Lifshits, Mark Silberstein, Mohit Tiwari Background and.

Inferno : Side-channel Attacks for Mobile Web Browsers Manuel Philipose, Matthew Halpern, Pavel Lifshits, Mark Silberstein, Mohit Tiwari Background and.

Similar presentations

Ads by Google