
Statistical Tools Flavor Side-Channel Collision Attacks 17. April 2012


Statistical Tools Flavor Side-Channel Collision Attacks

17. April 2012
Amir Moradi

Embedded Security Group, Ruhr University Bochum, Germany

Outline
  • Challenges
  • Side-Channel Attacks (SCA)
  • Collision SCA
  • Problems and our solution
  • What is new in this paper
  • Some experimental results

EUROCRYPT 2012 | Cambridge | 17. April 2012 | Amir Moradi | Embedded Security Group

What is the story?
  • SCA (implementation attacks)
  • recovering the key of crypto devices
  • hypothetical model for power consumption
  • compare the model with side-channel leakage (power)
  • How?

[Figure: Sbox with inputs k and p; plaintexts p with measured power, model values S for the key guesses [k=00], [k=01], [k=ff], and the resulting correlation values]

Side-Channel Collision
  • when the circuit uses a module (Sbox) more than once (in e.g., a round)
  • once a collision found?
  • false positive collision detections
  • a couple of heuristic and systematic ways to handle
  • ????
  • known as linear collision attack

[Figure: Sbox with inputs k1, p1 and k2, p2; power measurements for plaintexts p1 and p2]

Our Solution at CHES 2010 (Correlation-Enhanced)

[Figure: Sbox with inputs k1, p1 and k2, p2; power measurements for p1 and p2 are averaged per plaintext value (00, 01, 02, fd, fe, ff) and the averages are compared by correlation]

Problems
  • having a countermeasure (secret sharing)
  • computations on all shares at the same time (Threshold Imp.)
  • a univariate leakage
  • a MIA might be applicable
  • a CE collision might NOT
  • averaging...
  • how about higher-order statistical moments
  • variance, skewness, kurtosis

Solution (applying higher-order moments)

[Figure: Sbox with inputs k1, p1 and k2, p2; the variance of the power measurements for p1 and p2 is taken per plaintext value (00, 01, 02, fd, fe, ff) and the variances are compared by correlation]

Solution (applying higher-order moments)

[Figure: Sbox with inputs k1, p1 and k2, p2; the skewness of the power measurements for p1 and p2 is taken per plaintext value (00, 01, 02, fd, fe, ff) and the skewness values are compared by correlation]

General Form (no specific moment)

[Figure: Sbox with inputs k1, p1 and k2, p2; the pdf of the power measurements for p1 and p2 is estimated per plaintext value (00, 01, 02, fd, fe, ff) and the pdfs are compared by Jeffreys divergence]

Practical Issues
  • higher statistical moments, lower estimation accuracy
  • more traces (measurements) required
  • estimating pdf by e.g., histogram
  • reducing accuracy as well
  • Jeffreys divergence
  • based on Kullback-Leibler divergence
  • symmetric
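An added illustration (not from the slides) of why comparing averages can miss a univariate leakage of shared data, while the variance and a histogram-based Jeffreys divergence expose it, as a leakage evaluator would check. The two-share bit model, noise level, bin range and pseudo-count are assumptions chosen for this example.

```python
import math
import random

def moments(x):
    """Sample mean, variance and skewness (1st to 3rd statistical moments)."""
    n = len(x)
    mean = sum(x) / n
    var = sum((v - mean) ** 2 for v in x) / n
    skew = sum((v - mean) ** 3 for v in x) / n / var ** 1.5
    return mean, var, skew

def histogram_pdf(x, lo=-2.0, hi=4.0, bins=30, pseudo=0.5):
    """Histogram pdf estimate; the pseudo-count keeps empty bins out of log(0)."""
    counts = [pseudo] * bins
    width = (hi - lo) / bins
    for v in x:
        counts[min(bins - 1, max(0, int((v - lo) / width)))] += 1
    total = sum(counts)
    return [c / total for c in counts]

def kl(p, q):
    """Kullback-Leibler divergence of two discrete pdfs (not symmetric)."""
    return sum(a * math.log(a / b) for a, b in zip(p, q))

def jeffreys(p, q):
    """Jeffreys divergence: KL(p||q) + KL(q||p), symmetric in p and q."""
    return kl(p, q) + kl(q, p)

def leakage(bit, n, rng, noise=0.3):
    """Constructed toy model: a bit split into two shares, both leaking in
    the same sample (univariate leakage), plus Gaussian noise."""
    out = []
    for _ in range(n):
        mask = rng.getrandbits(1)  # fresh random share
        out.append(mask + (mask ^ bit) + rng.gauss(0.0, noise))
    return out

def compare(n=20000, seed=1):
    """Compare class 0 against class 1, and class 0 against a second class-0 set."""
    rng = random.Random(seed)
    a, b, a2 = leakage(0, n, rng), leakage(1, n, rng), leakage(0, n, rng)
    (ma, va, _), (mb, vb, _) = moments(a), moments(b)
    pa, pb, pa2 = histogram_pdf(a), histogram_pdf(b), histogram_pdf(a2)
    return {"mean_gap": abs(ma - mb), "var_gap": abs(va - vb),
            "jeffreys_diff": jeffreys(pa, pb), "jeffreys_same": jeffreys(pa, pa2)}

if __name__ == "__main__":
    print(compare())
```

Both classes have the same mean, so `mean_gap` stays near zero, while `var_gap` and `jeffreys_diff` are large; `jeffreys_same` shows the estimation noise floor that grows as fewer traces are used.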

Experimental Platforms
  • Virtex II-pro FPGA (SASEBO)
  • Atmel uC (smartcard)

Experimental Results (PRESENT TI)
  • J. Cryptology 24(2)

Experimental Results (PRESENT TI)

[Figure: result panels titled Average, Variance, Skewness, pdf]

Experimental Results (AES TI)
  • EC 2011

Experimental Results (AES TI)

[Figure: result panels titled Average, Variance, Skewness, pdf]

Experimental Results (masked software)
  • time to move toward multivariate case
  • joint pdfs can be estimated
  • joint statistical moments also can be estimated
  • the same as doing a preprocess (by multiplication) step prior to a univariate attack

Thanks!
Any questions?

Embedded Security Group, Ruhr University Bochum, [email protected]

Measurement Speed?

[Figure: measurement setup; labels: (Threshold), UART]

  • PC sends a small number of bytes (~20)
  • Control FPGA communicates with the Target FPGA
  • sending/receiving ~10K plaintext/ciphertext while the oscilloscope measures
  • Speed of the measurement depends on the length of each trace
  • In this case, 2000 points, 100M traces in 11 hours!

Experimental Results (masked software)
