Future Cryptography: Standards Are Not Enough

Tomáš Rosa, Decros-ICZ, CTU FEE, tomas.rosa@decros.cz


Page 1: Future Cryptography: Standards Are Not Enough

Tomáš Rosa, Decros-ICZ, CTU FEE, tomas.rosa@decros.cz

Page 2: Abstract Description Versus the Reality

(Diagram: attacker; cryptographic device containing the keys and other sensitive values and the inner cryptosystem; input data; output data.)

Page 3: Abstract Description Versus the Reality

(Diagram, as on page 2, with side channels added: attacker; cryptographic device containing the keys and other sensitive values and the inner cryptosystem; input data; output data; side channels.)

Page 4: Side Channels

Definition (side channel)

An unplanned way that allows a cryptographic device to exchange some information with its neighborhood.

Page 5: Side Channels

Analysis of the side channel: the process of extracting the useful information from the particular side channel.

Attack based on the side channel: the process of using the analysis of the particular side channel against a given cryptographic device.

Page 6: Side Channels

Types of side channels (SC):

• Time SC
• Power SC
• Electromagnetic SC
• Fault SC
• Kleptographic SC

Page 7: Side Channels

The effectiveness of attacks based on side channels usually comes from the "cooperation paradox":

• Cryptologists know that the information coming from the side channel would be dangerous, but they never expected that such a side channel would exist.

• Technical designers know that such a side channel exists, but they never expected that its existence would be dangerous.

Page 8: Oracle Based Analysis (OBA)

It is important to discuss this technique, because:

• It lies behind all major types of power and time analysis.

• It allows us to develop the OBA Fundamental Hypothesis, which can be used to derive useful general countermeasures.

Page 9: Oracle Based Analysis (OBA)

Proposition 1. Let I be the input set and let S be the particular side channel, giving for each input message the n-dimensional real information as S: I → R^n.

Definition 2. The oracle will be represented by the transformation O: I → B, where B = {0, 1}.

Page 10: Oracle Based Analysis (OBA)

Proposition 2. Let I_m be a subset I_m ⊆ I, such that for each x ∈ I_m we know the appropriate value of S(x).

Page 11: Oracle Based Analysis (OBA)

Proposition 3. The value of the oracle O splits the set I_m into two disjoint subsets I_1, I_2, such that for each x ∈ I_m we have: x ∈ I_1 iff O(x) = 1 and x ∈ I_2 iff O(x) = 0.

Next we define the transformations S_1, S_2, such that S_1: I_1 → R^n, S_2: I_2 → R^n, S_1(x) = S(x), S_2(x) = S(x).

By the notation S_1 or S_2 we also mean the random variables taking values from the domain R^n.

Page 12: Oracle Based Analysis (OBA)

Proposition 3 (cont.).

• (cond = false) d((S_1), (S_2))

• (cond = true) d((S_1), (S_2)) >> , for some R, 0.

Here denotes the selected characteristic of an n-dimensional random variable (: R^n → R^n), and d denotes an appropriate metric on the field R^n (d: R^n R).

Page 13: OBA Fundamental Hypothesis

The possibility of an OBA-based attack implies the existence of some intermediate variable whose value:

• is a function of the input data and the secret key;

• can be predicted (based on the knowledge of the input data and some part of the key).

Page 14: OBA Fundamental Hypothesis

Sketch of the proof: the oracle itself can represent such a variable.

Corollary: avoiding the existence of such a variable is an efficient countermeasure against OBA-based attacks.

Page 15: Fault Analysis

A message sent from the attacker to the device opens up the side channel from the device to the attacker.

The most dangerous techniques are often based on simple (but smart) mathematical observations. A discussion of the particular FA-based attacks on RSA follows.

Page 16: Fault Analysis: RSA

Lemma 1. Let us have x, y, n ∈ Z, such that n = p*q, where p, q are both primes, x ≡ y (mod p) and x ≢ y (mod q). Then it is easy to compute p as

p = gcd((x − y), n).

The question remains: how to find such a pair (x, y)? Computation of the RSA signature based on the Chinese Remainder Theorem (CRT) is a good place for the inspiration…

Page 17: Fault Analysis: RSA

Let the quintuple (p, q, dp, dq, pInv) be the RSA private key and let m be the formatted message to sign, m ∈ Z_n.

Then the signature s can be computed in the following steps:

1. sp = m^dp mod p
2. sq = m^dq mod q
3. h = pInv*(sq − sp) mod q
4. s = sp + p*h

Page 18: Fault Analysis: RSA

By affecting the computation of the particular signature, we can get the value sfaulty, such that:

• sfaulty ≡ m^d (mod p)

• sfaulty ≢ m^d (mod q)

Page 19: Fault Analysis: RSA

Now we can do:

Signature-Signature attack: we exploit the known value of the correct signature sgood. It holds that:

• sfaulty ≡ sgood (mod p)

• sfaulty ≢ sgood (mod q)

Known Message-Signature attack: if we know the value of m, we can use the easily derived congruences:

• sfaulty^e ≡ m (mod p)

• sfaulty^e ≢ m (mod q)

Page 20: Fault Analysis: RSA

Importance of checking the integrity of private keys: FA-based attacks can be easily carried out when the attacker is able to force the device to work with a corrupted private key or corrupted public parameters.

Recent results (including similar attacks on DSA): attack on the OpenPGP format and compatible applications ([2]).

Page 21: Side Channels: Basic Countermeasures

• Blinding the data being processed

• Randomizing the cryptographic transformation

• Checking the integrity of keys

• Checking the outputs for faults
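The CRT signing steps of page 17, Lemma 1 with the two attacks of page 19, and the last countermeasure above (checking the outputs for faults) worked through in Python; this is an added example, not code from the talk or from [2]. The toy key, the single bit flip standing in for a hardware fault, and the function names are constructed here.

```python
from math import gcd

# Constructed toy RSA key (small primes, NOT a real key) so the example runs fast.
P, Q, E = 1000003, 1000033, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ = D % (P - 1), D % (Q - 1)
P_INV = pow(P, -1, Q)                      # pInv = p^-1 mod q (Garner's form)

def sign_crt(m, fault_in_q=False):
    """CRT signature exactly as in steps 1-4 on the slide. fault_in_q=True
    flips one bit of sq, a software stand-in for a transient fault in step 2."""
    sp = pow(m, DP, P)                     # 1. sp = m^dp mod p
    sq = pow(m, DQ, Q)                     # 2. sq = m^dq mod q
    if fault_in_q:
        sq ^= 1                            # simulated fault: sq is now wrong mod q
    h = (P_INV * (sq - sp)) % Q            # 3. h = pInv*(sq - sp) mod q
    return sp + P * h                      # 4. s = sp + p*h (s ≡ sp mod p, s ≡ sq mod q)

def sign_checked(m, fault_in_q=False):
    """Countermeasure 'checking the outputs for faults': verify with the public
    exponent before release; a faulty signature is withheld, so nothing leaks."""
    s = sign_crt(m, fault_in_q)
    return s if pow(s, E, N) == m % N else None

def factor_from_faulty(s_faulty, m=None, s_good=None):
    """Lemma 1: gcd(x - y, n) with x ≡ y (mod p), x ≢ y (mod q) yields p.
    Signature-Signature: x = sfaulty, y = sgood.  Known Message: x = sfaulty^e, y = m."""
    if s_good is not None:
        x, y = s_faulty, s_good
    else:
        x, y = pow(s_faulty, E, N), m
    return gcd(x - y, N)

if __name__ == "__main__":
    m = 123456789                          # constructed "formatted message", m < n
    good, bad = sign_crt(m), sign_crt(m, fault_in_q=True)
    print("unchecked device leaks p:", factor_from_faulty(bad, s_good=good) == P)
    print("checked device releases faulty signature:", sign_checked(m, fault_in_q=True))
```

The same verification check also catches a corrupted private key (page 20), since a wrong dp, dq or pInv produces an s that fails the public-exponent check in exactly the same way.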

Page 22: Side Channels: Future Trends

Technicians shall

• Try to minimize the power of the signal leaking from the particular side channels

• Inform cryptologists about all remaining side channels

Cryptologists shall

• Design their cryptosystems with respect to the known side channels

According to the current technology, the defense against attacks based on various side channels is mainly a cryptological problem.

Page 23: References

[1] Rosa, T.: Future Cryptography: Standards Are Not Enough, in Proc. of CATE 2001, 2001.

[2] Klíma, V. and Rosa, T.: Attack on Private Signature Keys of the OpenPGP Format, PGP(tm) Programs and Other Applications Compatible with OpenPGP, ICZ - Technical Report, available at http://www.i.cz/en/pdf/openPGP_attack_ENGvktr.pdf, 2001.