Torturing OpenSSL. Valeria Bertacco University of Michigan. with Andrea Pellegrini and Todd Austin

Similar documents
Cryptography and Network Security Chapter 9

CSCE 465 Computer & Network Security

Side Channel Analysis and Embedded Systems Impact and Countermeasures

The Mathematics of the RSA Public-Key Cryptosystem

RSA Attacks. By Abdulaziz Alrasheed and Fatima

Cryptography and Network Security

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

PUF Physical Unclonable Functions

Chapter 1: Introduction

Evaluation of Digital Signature Process

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

Advanced Cryptography

Software Tool for Implementing RSA Algorithm

Public Key Cryptography in Practice. c Eli Biham - May 3, Public Key Cryptography in Practice (13)

Timing Attacks on software implementation of RSA

Module: Applied Cryptography. Professor Patrick McDaniel Fall CSE543 - Introduction to Computer and Network Security

The Impact of Cryptography on Platform Security

Computer Security: Principles and Practice

AStudyofEncryptionAlgorithmsAESDESandRSAforSecurity

CIS 5371 Cryptography. 8. Encryption --

SSL A discussion of the Secure Socket Layer

A Factoring and Discrete Logarithm based Cryptosystem

Public Key (asymmetric) Cryptography

Digital Signatures. Prof. Zeph Grunschlag

Flash Corruption: Software Bug or Supply Voltage Fault?

Authentication Types. Password-based Authentication. Off-Line Password Guessing

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Public Key Cryptography: RSA and Lots of Number Theory

CRYPTOGRAPHY IN NETWORK SECURITY

Computing exponents modulo a number: Repeated squaring

IoT Security Platform

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

Overview of Public-Key Cryptography

Network Security. Chapter 6 Random Number Generation

A Question of Key Length

Lecture 6 - Cryptography

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Network Security. HIT Shimrit Tzur-David

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Embedding more security in digital signature system by using combination of public key cryptography and secret sharing scheme

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

Victor Shoup Avi Rubin. Abstract

Programming Logic controllers

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

EE552. Advanced Logic Design and Switching Theory. Metastability. Ashirwad Bahukhandi. (Ashirwad Bahukhandi)

A Tutorial on Physical Security and Side-Channel Attacks

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Cryptography Lecture 8. Digital signatures, hash functions

Network Security. Chapter 6 Random Number Generation. Prof. Dr.-Ing. Georg Carle

ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING

By: Magiel van der Meer. Supervisors: Marc Smeets Jeroen van der Ham

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN

Secure Network Communications FIPS Non Proprietary Security Policy

Cryptography and Key Management Basics

Lukasz Pater CMMS Administrator and Developer

What users should know about Full Disk Encryption based on LUKS

Digital Systems Based on Principles and Applications of Electrical Engineering/Rizzoni (McGraw Hill

Notes on Network Security Prof. Hemant K. Soni

Princeton University Computer Science COS 432: Information Security (Fall 2013)

Authentication requirement Authentication function MAC Hash function Security of

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Public Key Cryptography and RSA. Review: Number Theory Basics

EC-Council E C S P.NET. EC-Council. EC-Council Certified Secure Programmer (.NET)

Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

Final for ECE374 05/06/13 Solution!!

IT Networks & Security CERT Luncheon Series: Cryptography

Computer Systems Structure Main Memory Organization

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Cryptographic Key Reliable Lifetimes

RSA Encryption. Tom Davis October 10, 2003

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Capture Resilient ElGamal Signature Protocols

Installation and usage of SSL certificates: Your guide to getting it right

Public Key Cryptography. Performance Comparison and Benchmarking

Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

Information Security Services

The application of prime numbers to RSA encryption

Introduction to Security and PIX Firewall

Fault Tolerant Matrix-Matrix Multiplication: Correcting Soft Errors On-Line.

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

64-Bit Architecture Speeds RSA By 4x

Security in the Age of Nanocomputing. Hacking Devices

Network Security Technology Network Management

Security in Android apps

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

1 Public Key Cryptography and Information Security

Lecture 9 - Message Authentication Codes

Yaffs NAND Flash Failure Mitigation

Using BroadSAFE TM Technology 07/18/05

A REVIEW ON ENHANCING DATA SECURITY IN CLOUD COMPUTING USING RSA AND AES ALGORITHMS

EXAM questions for the course TTM Information Security May Part 1

Horst Görtz Institute for IT-Security

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

Transcription:

Torturing OpenSSL Valeria Bertacco University of Michigan with Andrea Pellegrini and Todd Austin Back Hat 12 Jul 25, 2012

Cryptography is all around us internet banking email online shopping electronic passports playstation 3 blu-ray player 2/40

Value of Cryptography $2.1 billion 1,300 employees by Symantec $5.7 billion 1,000 employees $39 billion 18,000 employees $82 billion 34,000 employees Source: Wiki & NASDAQ 3/40

Outline Cryptography Introduction RSA authentication Attacks to RSA authentication OpenSSL implementation Private key extraction Fault injection Conclusions 4/40

What is Authenticated Communication? m Insecure medium How do we enable authenticated communication? 5/40

Asymmetric Cryptography ms Insecure medium m 6/40

RSA Keys The protocol is based on two number pairs, called keys 1.Choose two large prime numbers p & q 2.Compute n = p*q 3.Choose two numbers, d & e such that: d*e = 1 mod ((p-1)(q-1)) Effect: m de mod n = m mod n 4.Keep (d,n) as the secret private key 5.Advertise (e,n) as the public key Private key Public key (e,n) (d,n) Insecure medium 7/40

RSA Authentication Correct Authentication: Server challenge: s = m d mod n Client verifies: m = s e mod n m Private Key (d,n) Public Key (e,n) s m 8/40

Outline Cryptography Introduction RSA authentication Attacks to RSA authentication OpenSSL implementation Private key extraction Fault injection Conclusions 9/40

Are These Algorithms Secure? (i.e., cryptanalysis) Attacking the algorithm by guessing key 135066410865995223349 603216278805969938881 475605667027524485143 851526510604859533833 940287150571909441798 207282164471551373680 419703964191743046496 589274256239341020864 383202110372958725762 358509643110564073501 508187510676594629205 5636855294. Attacking the implementation Side-channel by monitoring side effects Fault-Based a faulty processor may leak secrets 2009: Researchers brute forced a 768bits key over several computation years 10/40

Attacks via Transient Faults Transient fault: a short perturbation of a logic value in a circuit: Typically lasts <1 clock cycle If latched, can cause permanent computation errors Transient faults occur naturally in silicon due to Cosmic rays Alpha particles Location, density, frequency cannot be controlled This talk s focus: Is it possible to perpetrate a security attack via transient faults? 11/40

Fault-Based Attacks Cause errors in the system: a faulty computer may leak secrets Theoretical on some RSA implementations Chinese Remainder Theorem Left-to-right exponentiation Demonstrated on simple components Smart Cards & Microcontrollers On the Importance of Checking Computations, Boneh et al. Fault attacks on RSA with CRT: Concrete results and practical countermeasures, Aumuller et al. A practical fault attack on square and multiply, Schmidt et al. 12/40

Faulty RSA Authentication Correct Authentication: Server challenge: Private Key (d,n) m Public Key (e,n) s = m d mod n Client verifies: m = s e mod n s m Faulty Server: Private Key (d,n) m Public Key (e,n) ŝ!= m d mod n ŝ 13/40

Our Experimental Platform RSA Server: Sparc v8@40mhz Leon3 network switch Voltage controller to inject faults 14/40

How I Transported It To Black Hat 15/40

Correct Sequential Circuit How can we inject faults in a digital system? Vdd Register Combinational logic Register 16/40

Faulty Sequential Circuit How can we inject faults in a digital system? Vdd Register Combinational logic Register The lower the voltage, the less energy the electric signals in traversing the logic cloud 17/40

Outline Cryptography Introduction RSA authentication Attacks to RSA authentication OpenSSL implementation Private key extraction Fault injection Conclusions 18/40

Computing: s=m d mod n Fixed Window Exponentiation, used in OpenSSL The algorithm partitions the exponent into windows: d =110110110001 110110010101 s=1 for each window: for each bit in window: //4times s = (s * s) mod n s = (s * mˆd[window]) mod n return s 19/40

Computing: s=m d mod n s=1 for each window: d=214= 1101 0110 for each bit in window: //4times s = (s * s) mod n s = (s * mˆd[window]) mod n return s s=1 window 1 window 2 s=1 ( (m 1101 ) 2 ) 2 ) 2 ) 2 s= m 1101 s= ( (m 1101 ) 2 ) 2 ) 2 ) 2 )m 0110 s = ( (m 1101 ) 2 ) 2 ) 2 ) 2 )m 0110 20/40

Faulty Signature: ŝ!=m d mod n s=1 for each window: for each bit in window: //4times s = (s * s) mod n s = (s * mˆd[window]) mod n return s d=214= 1101 0110 s=1 window 1 window 2 ŝ s=1 = ( (m 1101 ) 2 ) 2 ) ±2 f ) 2 ) 2 s= m 1101 ŝ = ( (m 1101 ) 2 ) 2 ) ±2 f ) 2 ) 2 )m 0110 ŝ = ( (m 1101 ) 2 ) 2 )±2 f ) 2 ) 2 )m 0110 21/40

Outline Cryptography Introduction RSA authentication Attacks to RSA authentication OpenSSL implementation Private key extraction Fault injection Conclusions 22/40

Retrieving the Private Key The attacker collects the faulty signatures Private Key m ŝ ŝŝŝ Public Key The private key is recovered one window at the time ŝ ŝ ŝ ŝ d= d3 XXXX d2d1d0 The attacker checks its guess against the collected faulty signatures 23/40

Reconstructing the Signature The private key is recovered one window at the time, guessing where and when the fault hits d= dk dk-1 X X X Which multiplication? ŝ = ( (m d k ) 64 )m d k-1 )2 ) 2 ) 2 ±2 f ) 2 ) 2 ) 2 ) m d k-2 ) 64 m d 0 Already Which bit? known Value? For each window value to be guessed and signature we test: 1024 error positions 2 possible error values (0 1 or 1 0) 6 squaring iterations 24/40

Offline Analysis With a sufficient number of corrupted signatures the attack is polynomial w.r.t. the length of the key Already known Value? Which multiplication? ŝ = ( (m d k ) 64 )m d k-1 )2 ) 2 ) 2 ±2 f ) 2 ) 2 ) 2 ) m d k-2 ) 64 m d 0 Which bit? Performing this check takes about 100 seconds In the worst case we have 2 6 values to check! If no faulty signature can confirm the value of the guess, we must extend the window 25/40

The Whole Truth About This Search But, how do we deal with the unknowns d 0, d 1, d k-2? ŝ = ( (m d k ) 64 )m d k-1 )2 ) 2 ) 2 ±2 f ) 2 ) 2 ) 2 ) m d k-2 ) 64 m d 0 We can reduce the red part to m by: 1. Multiplying both sides by (((m d k ) 64 ) m d k-1 ) 64 2. Raising both sides to the e power (ŝ (((m d k ) 64 ) m d k-1 ) 64 ) e = = ( (m d k ) 64 )m d k-1 )2 ) 2 ) 2 ±2 f ) 2 ) 2 ) 2 ) e m Now everything is in terms of known or to-be-guessed terms! 26/40

Outline Cryptography Introduction RSA authentication Attacks to RSA authentication OpenSSL implementation Private key extraction Fault injection Conclusions 27/40

Our Setup Faults manifests on the multiplier of the server s CPU 28/40

Fault Injection Mechanisms How to make hardware fail: Lower voltage causes signals to slow down, thus missing the deadline imposed by the system clock High temperatures increase signal propagation delays Over-clocking shortens the allowed time for traversing the logic cloud Natural particles cause internal signals to change value, causing errors All these sources of errors can be controlled to tune the fault injection rate and target some units in the design 29/40

Fault Injection A corrupted signature leaks data if only one multiplication is corrupted by a single bit flip 60 16.50 Single bit faults (%) 50 40 30 20 10 Single bit faults Faulty multiplications 13.75 11.00 8.25 5.50 2.75 Faulty products (%) 0 1.30 1.29 1.28 1.27 1.26 1.25 1.24 1.23 0 Voltage [V] 30/40

Fault Distribution The attacked algorithm uses 6-bit windows: any of the 6 squaring iterations has the same probability to fail 250 200 Occurrences 150 100 50 0 0 1 2 3 4 5 Squaring Iteration 31/40

Fault Position The faults affects some bit positions more than others, proving that the critical path of the multiplier is failing 80 70 60 50 40 30 20 10 0 32/40 0 32 64 96 128 160 192 224 256 288 320 352 384 416 448 480 512 544 576 608 640 672 704 736 768 800 832 864 896 928 960 992 Occurrences Bit position [0-1023]

Offline Analysis In practice 40 bit positions typically affected by faults the computation time is reduced to 2.5 seconds Analyzing 8,800 corrupted signatures requires 1 CPUyear only ~1,000 are useful ŝ ŝŝŝ ŝ ŝ Signatures can be checked in parallel Using 80 servers the 1024-bit key was retrieved in 104 hours 33/40

Physical Attack 8,800 corrupted signatures collected in 10 hours RSA 1024-bit private key, 6-bit window Distributed application with 81 machines for offline analysis Private key recovered in 100 hours 34/40

Fault Injection Mechanisms How to make hardware fail: Lower voltage causes signals to slow down, thus missing the deadline imposed by the system clock High temperatures increase signal propagation delays Over-clocking shortens the allowed time for traversing the logic cloud Natural particles cause internal signals to change value, causing errors Course project by: Armin Alaghi, William Arthur, Prateek Tandon 35/40

Temperature-Induced Faults 36/40

#Key Bits Revealed (128-bit RSA) 140 120 Key bits recovered (out of 128) 100 80 60 40 V=1.3 v V=1.28 v V=1.27 v V=1.26 v V=1.25 v V=1.24 v 20 0 20 30 40 50 60 70 80 90 100 Temperature 37/40

Challenges Controlling temperature Thermal runaway when attacking 1024-bit Solution: Use heat sink, moderate temperature Runtime is an issue Probability of Error 1 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0 30 40 50 60 70 80 90 Temperature Extracted 30% of the private key (283/1000 corrupted, 91 useful messages) 38/40

Conclusions Transient faults can leak vital private key data Fault-based attack devised for OpenSSL 0.9.8i s Fixed Window Exponentiation algorithm Attack demonstrated on a complete physical Leon3 SPARC system Software fix using blind ing available in OpenSSL to protect against timing attacks make sure to deploy Published: Fault-based Attack of RSA Authentication - DATE 2010 39/40

Take Away for the Security Conscious Always keep OpenSSL and all cryptographic libraries updated Always make sure that the HW is working in proper conditions Do not overclock Cool the system properly Avoid power fluctuations A computer system operating outside its nominal conditions might not fail dramatically: however, silent data corruptions are even more dangerous 40/40

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information