אני יודע מה עשית בפענוח האחרון : התקפות ערוצי צד על מחשבים אישיים

Transcription

1 אני יודע מה עשית בפענוח האחרון : התקפות ערוצי צד על מחשבים אישיים I Know What You Did Last Decryption: Side Channel Attacks on PCs Lev Pachmanov Tel Aviv University Daniel Genkin Technion and Tel Aviv University joint work with Itamar Pipman Adi Shamir Tel Aviv University Weizmann Institute of Science Eran Tromer Tel Aviv University Cryptoday December

2 Side channel attacks 2 probing CPU architecture optical power electromagnetic acoustic

3 3 Acoustic emanations

4 4 ENGULF [Peter Wright, pycatcher, p. 84] In 1956, a couple of Post Office engineers fixed a phone at the Egyptian embassy in London.

5 ENGULF (cont.) 5 The combined MI5/GCHQ operation enabled us to read the Egyptian ciphers in the London Embassy throughout the Suez Crisis.

6 Acoustic emanations from PCs 6 Noisy electrical components in the voltage regulator Bzzzzzz Commonly known as coil-whine but also originates from capacitors

7 Experimental setup (example) 7 attacker amplifier microphone target digitizer

8 8 Demo: distinguishing instructions

9 time 9 Distinguishing various CPU operations [Shamir Tromer 04] frequency 280kHz 1sec

10 Traditional side channel attacks methodology 1. Grab/borrow/steal device 2. Find key-dependent instruction 3. Record emanations using high-bandwidth equipment (> clock rate, PC: >2GHz) 4. Obtain traces 5. Signal and cryptanalytic analysis 6. Recover key for i= sqr( ) if key[i]=1 mul( ) Hard for PCs 10

11 Traditional side channel attacks methodology 1. Grab/borrow/steal device 2. Find key-dependent instruction 3. Record emanations using high-bandwidth equipment (> clock rate, PC: >2GHz) 4. Obtain traces 5. Signal and cryptanalytic analysis 6. Recover key 11 Complex electronics running complicated software Hard for (in PCs parallel) vs. Not handed out vs. Measuring a 2GHz PC requires expansive and bulky equipment (compared to a 100 MHz smart card) 100,000$ vs. 1,000$

12 12 Acoustic Leakage of RSA

13 Definitions (RSA) 13

14 time GnuPG RSA key distinguishability [Shamir Tromer 04] frequency mod p mod q sound of the keys (after frequency downshifting and filtering) 14

15 15 Key Extraction

16 Our results: acoustic RSA key extraction Low-bandwidth cryptanalytic attacks 50 khz bandwidth to attack a 2 GHz CPU Inexpensive equipment Common cryptographic software GnuPG (CVE ) Worked with GnuPG developers to mitigate the attack Applicable to various laptop models 16

17 Amplifying the key dependency Difficulties when attacking RSA 2GHz CPU speed vs. 50kHz measurements Cannot rely on a single key-dependent instruction New idea: leakage self-amplification abuse algorithm s own code to amplify its own leakage! Craft suitable cipher-texts to affect the code inside inner-most loop Small differences in repeated inner-most loops cause a big overall difference in code behavior Measure acoustic leakage 17

18 18 An adaptive chosen-ciphertext attack Bit-distinguisher oracle

19 An adaptive chosen-ciphertext attack 19 Bit distinguisher oracle Error correction Just q Coppersmith lattice reduction: half the bits suffice send chosen ciphertexts using

20 20 modular_exponentiation(c,d,q){ karatsuba_mult(a,c) } karatsuba_mult(a,c){ basic_mult(x,y) } basic_mult(x,y){ if (y[j]==0) return 0 else return y[j]*x } x7 Grand total: times ~0.5 sec of measurements x19 x2048

21 Modular exponentiation 21 no key dependent operation to measure

22 22

23 23

24 24 Multiplication is repeated 2048 times (0.5 sec of data) Single multiplication is way too fast for us to measure

25 25 Empirical Results

26 time Distinguishing a key bit by a spectral signature 26 time frequency frequency mod p mod p mod q mod q

27 27 Demo: key extraction

28 Results 28 RSA 4096-bit key extraction from 1 meter away using a microphone

29 Results RSA 4096-bit key extraction from 10 meters away using a parabolic microphone 29

30 Results 30 RSA 4096-bit key extraction from 30cm away using a smartphone

31 Karatsuba multiplication 31

32 Basic multiplication 32 Repeated for a total of 8 times in this call and for a total of up to ~300,000 times!, allowing for the leakage to be detectable using low bandwidth means (such as sound).

33 33 Electric Channels

34 34 Power analysis Power analysis: measure device s power consumption RSA 4096-bit key extraction is possible in a few seconds

35 Ground-potential analysis Attenuating EMI emanations Unwanted currents or electromagnetic fields? Dump them to the circuit ground! (Bypass capacitors, RF shields, ) Device is grounded, but its ground potential fluctuates relative to the mains earth ground. affects dumped to connected to Computation currents and EM fields device ground conductive chassis Key =

36 36 Demo: key extraction

37 RSA and ElGamal key extraction in a few seconds using direct chassis measurement (non-adaptive attack) 37 Key =

38 RSA and ElGamal key extraction in a few seconds using human touch (non-adaptive attack) 38 Key =

39 Ground-potential analysis 39 Attenuating EMI emanations Unwanted currents or electromagnetic fields? Dump them to the circuit ground! (Bypass capacitors, RF shields, ) Device is grounded, but its ground potential fluctuates relative to the mains earth ground. affects connected to connected to Computation device ground conductive chassis shielded cables Even when no data, or port is turned off. Key =

40 40 Demo: key extraction

41 RSA and ElGamal key extraction in a few seconds using the far end of 10 meter network cable (non-adaptive attack) 41 works even if a firewall is present, or port is turned off Key =

42 Key extraction on far side of Ethernet cable using a mobile phone 42

43 Electromagnetic key extraction Currents inside the target create electromagnetic waves. Can be detected using an electromagnetic probe (e.g., a loop of wire). 43

44 Electromagnetic key extraction Currents inside the target create electromagnetic waves. Can be detected using an electromagnetic probe (e.g., a loop of wire). 44

45 45 Countermeasures (class discussion)

46 Ineffective countermeasures Shielding

47 Ineffective countermeasures (cont.) 2. Adding noise (play loud music while decrypting) 3. Concurrent software load 47

48 Countermeasures (ciphertext randomization) 48

49 cs.tau.ac.il/~tromer/acoustic CRYPTO 14 CVE cs.tau.ac.il/~tromer/handsoff CHES 14 CVE cs.tau.ac.il/~tromer/radioexp CHES 15 CVE

50 cs.tau.ac.il/~tromer/acoustic CRYPTO 14 CVE cs.tau.ac.il/~tromer/handsoff CHES 14 CVE cs.tau.ac.il/~tromer/radioexp CHES 15 CVE

51 cs.tau.ac.il/~tromer/acoustic CRYPTO 14 CVE cs.tau.ac.il/~tromer/handsoff CHES 14 CVE cs.tau.ac.il/~tromer/radioexp CHES 15 CVE

52 52