32
Controlled Fault Injection: Wishful Thinking, Thoughtful Engineering, or just LUCK? FDTC 2017 Panelists: Ilia Polian, Marc Joye, Ingrid Verbauwhede Marc Witteman, Johann Heyszl

Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

  • Upload
    others

  • View
    8

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Controlled Fault Injection:Wishful Thinking,

Thoughtful Engineering,or just LUCK?

FDTC 2017 Panelists:Ilia Polian,  

Marc Joye, Ingrid VerbauwhedeMarc Witteman, Johann Heyszl

Page 2: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

The Fault Attack Process

Page 3: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

The Fault Attack Process

1999 Bellcore….2010 Single Fault AES2012 Optimal Fault Attacks

Well understoodSolid Methodologies

DFA, Safe Error, …

Page 4: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

The Fault Attack Process

Top‐down

Bottom‐Up

Fault Models‐ Random Fault‐ Biased Faults

Arch. Effects‐ Instruction Skip‐ Heat Maps‐ RowHammer

Low Success Rates

Ad Hoc Methodologies

Huge Gap

Page 5: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Kick‐off Questions

1. If side‐channel attacks are driven by science and reason, fault attacks seem to look like black magic. Do we really understand fault attacks?

2. What is the significance of fault attacks over time? Are they becoming more or less relevant?

3. …5

Page 6: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panelist Statements

6

Marc Witteman

CEO Riscure

IngridVerbauwhedeProfessor KUL

MarcJoye

NXP Fellow

IliaPolian

ProfessorUni Passau

JohannHeszl

Fraunhofer AISEC

Page 7: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panelist Statements

7

Marc Witteman

CEO Riscure

IngridVerbauwhedeProfessor KUL

MarcJoye

NXP Fellow

IliaPolian

ProfessorUni Passau

JohannHeszl

Fraunhofer AISEC

Page 8: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

8

CONTROLLED FAULT INJECTION: WISHFUL THINKING, THOUGHTFUL ENGINEERING, OR JUST LUCK?

Ilia PolianUniversity of Passau

Page 9: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

9

Do we really understand fault attacks?

• Yes, to some extent, but we could do better!– Observation-based, large amount of trial-and-error.– Detailed understanding is not considered essential.– Even a simple glitch can have complex implications.

Page 10: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

10

Need for more accurate models?

• Glitch: Which paths to outputs are sensitized?– Influenced by parasitics, power-supply noise,

reconvergencies, etc.

• Laser, EM, … Even more complex.– Multiphysics modeling.

• We cannot have full predictive power.– Process variability, ambient parameters, unknown inputs.

• There is vast amount of models from test, diag-nostics, and reliability domain which seem to work.

Page 11: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

11

Significance of fault attacks over time?

• If we had better models, will they lead to more effective attacks?– „First-time right“ injection in presence of detectors.

• Or can we design better countermeasures, if we know exactly what fault-injections are possible?– E.g., special error-detecting codes?

• Models must balance accuracy against scalability.• Apart from „application-oriented“ benefits, better

understanding of malicious failures can be a valuable intellectual result in itself.

Page 12: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panelist Statements

12

Marc Witteman

CEO Riscure

IngridVerbauwhedeProfessor KUL

MarcJoye

NXP Fellow

IliaPolian

ProfessorUni Passau

JohannHeszl

Fraunhofer AISEC

Page 13: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Thinking, Thoughtful Engineering, or Just 

Luck?Marc Joye, NXP Semiconductors

Panel discussion @ FDTC 2017 ‐‐ Taipei, Taiwan09/24/2017

Page 14: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Fault Attacks: Science or Black Magic?

Page 15: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Fault Attacks: Science or Black Magic?

Depends who you ask!Fault attacks are not black magic

Semiconductor devices are sensitive to light by nature

Side‐channel analysis (SCA) may appear more driven by scienceMore knowledge is needed to apply an exploitable attack using SCA

General attacker does not really care what is really happening in the chip if the fault attack is working

Vulnerability analysis teams have of course to understand the root cause

Page 16: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Significance/Relevance of Fault Attacks?

Security is a moving targetImplementation attacks (incl. side channels and faults) are evolving and keep their relevance

Analysts (hackers) have access to a variety of fault‐injection techniques that greatly improved over time

Security certification requires products to comply to security targets

Page 17: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Fault Attacks: Today and Tomorrow

Fault attacks: science vs. black magicSide‐channel attacks vs. fault attacksCrypto community is very diverse

Future of fault attacksCombined attacks can unleash the full power of fault attacks

Deep understanding helps designing the best protection methods

Page 18: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panelist Statements

18

Marc Witteman

CEO Riscure

IngridVerbauwhedeProfessor KUL

MarcJoye

NXP Fellow

IliaPolian

ProfessorUni Passau

JohannHeszl

Fraunhofer AISEC

Page 19: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panel on Fault Attacks

3 slides

Ingrid VerbauwhedeCOSIC, KU Leuven

Data PathProcessing

Unit

InterconnectProcessing

Unit

MemoryManagement

Unit

InstructionProcessing

Unit

MultipliersAdders

InputParameters

Buses

RegistersSRAMControl

Flow, PC

ROMFlash

If side-channel attacks are driven by science and reason, fault attacks seem to look like black magic. Do we really understand fault attacks?

[ FDTC 2011: “The Fault Attack Jungle - A Classification Model to Guide You” I. Verbauwhede]

Page 20: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

What is the significance of fault attacks over time? Are they becoming more or less relevant?

21

• Become more relevant: attacker always looks for the weakest link. If good protection against side channel attacks, then try fault attacks

• IOT devices more and more in the hand of the end-user (= attacker). Thus much more opportunity to try attacks

• Fault attacks = active attackso So, I can detect them with sensors! Clock/power glitch,

EM attack, laser attack, temperature attack

• Challenge: COMBINED fault and side-channel attack AND countermeasures

Which fault attacks??

Whichcountermeasures??

Protocols

CryptographicPrimitive

ExponentiationAlgorithm

Arithmetic

RTLALU + Registers + Memory

LogicGates + Flip Flops

Transistors

Fault Manifestation

FaultTarget

Page 21: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panelist Statements

23

Marc Witteman

CEO Riscure

IngridVerbauwhedeProfessor KUL

MarcJoye

NXP Fellow

IliaPolian

ProfessorUni Passau

JohannHeszl

Fraunhofer AISEC

Page 22: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Controlled Fault Injection

wishful thinking, thoughtful engineering, or just luck?

FDTC

September 25, 2017

Page 23: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Science or Skill

Fault InjectionR

estricted

25

DFA on RSA CRTInject a fault during CRT that corrupts Sq:

S’q is a corrupted result of Sq computation

S’ = ( ( (S’q - Sp)*K ) mod q ) * p + Sp

Subtract S’ from S :

S - S’ = (((Sq - Sp)*K) mod q)*p - (((S’q - Sp)*K) mod q)*p

= (x1-x2)*p mod N

compute Gcd( S-S’, n ) = Gcd( (x1-x2)*p, p*q ) = p

compute q = n / p

AND

Page 24: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

“I injected a zillion faults and nothing happened”

“I destroyed all my targets while testing”

What goes wrong here?

• Lack of understanding – what is really happening?

• Lack of control

FI is no black magic, but thoughtful engineering

• Science: understand target and attack opportunities

• Skill: precision & perseverance

How to succeed in Fault Injection?R

estricted

26

Page 25: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Impact = Vulnerability + Attack Vector + Exploitation

Fault Injection successR

estricted

27

Physical properties

Robustness

Channel

Precision Repetition

StrengthDump

DFA

Escalation

Malicious codeTrends• Robustness increases• But attack tools and exploitation grow faster• Overall FI relevance only growing

Page 26: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Riscure North America 550 Kearny Street, Suite 330San Francisco CA 94108USAPhone: +1 650 646 99 79

[email protected]

Riscure B.V. Frontier Building, Delftechpark 49 2628 XJ Delft The Netherlands Phone: +31 15 251 40 90

www.riscure.com

Contact: Marc [email protected]

Page 27: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

Panelist Statements

29

Marc Witteman

CEO Riscure

IngridVerbauwhedeProfessor KUL

MarcJoye

NXP Fellow

IliaPolian

ProfessorUni Passau

JohannHeszl

Fraunhofer AISEC

Page 28: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

30

Page 29: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

31

Page 30: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

32

Page 31: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

33

Page 32: Controlled fault injection: wishful thinking, thoughtful engineering …conferenze.dei.polimi.it/FDTC17/shared/FDTC 2017 - panel.pdf · 2017-10-13 · Controlled fault injection:

34