Longer Randomly Blinded RSA Keys may be Weaker than Shorter Ones
Colin D. Walter
WISA 2007, Jeju Island, Korea, 27th – 29th Aug 2007

2/16 Outline
Aims
History
Key Blinding Counter-Measure
Side Channel Leakage Model
Best Fit Metric
Phases 1 & 2
Computational Feasibility
Conclusion

3/16 Aim
The aim is to investigate the implementation strength of public key cryptography assuming:
– standard counter-measures
– imperfect side-channel leakage
Do counter-measures interact to weaken a system?
Are published attacks impossible in real life?
Are longer keys more secure?

4/16 History
References to side channel leakage in patents (USPTO 1978): see Abstract to US Patent.
Kocher et al. (CRYPTO 1996, 1999): timing and power attacks on smart cards – the concepts.
Coron (CHES 1999): lists three standard randomising counter-measures for ECC.
Fouque et al. (CHES 2006): attack on blinded RSA keys.
Here (WISA 2007): extension of Fouque to an imperfect side channel.

5/16 4-ary Exponentiation
Inputs: key D = (d_{n–1} d_{n–2} … d_1 d_0)_4; modulus M; ciphertext C.
Precompute C^d mod M for each digit value d.
  P ← 1;
  For i ← n–1 downto 0 do
  Begin
    P ← (P^2)^2 mod M;
    if d_i ≠ 0 then P ← C^{d_i} × P mod M;
  End;
Output: plaintext P = C^D mod M.
The side channel may distinguish squares from multiplications, but not multiplications by different values of d.

6/16 The Leakage Model
Standard counter-measures are in place.
There is a (weak) side channel which gives a probability that a square or multiply occurs.
I/O of the exponentiation is unknown.
The adversary knows the algorithms.
The public parameters M and E are available.
The correctness of the secret key D can be checked.
Only a realistic number of side channel traces are allowed.

7/16 Assumed Counter-Measures
An m-ary or sliding windows algorithm is used to prevent attackers from distinguishing exponent digits.
Input text is blinded to prevent the attacker from modelling the identical leakage.
The secret key D is blinded on each re-use to prevent the adversary improving the signal to noise ratio with repeated use of the same D.
This means D is replaced by D_i = D + r_i φ(N) for a 20- to 32-bit random r_i.
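The 4-ary method of slide 5 and the key-blinding counter-measure of slide 7, as an added example that is not code from the talk. The exponentiation is instrumented to return the squaring/multiplication sequence that a side channel distinguishing S from M would see; `nonzero_digit_pattern` shows exactly what that sequence gives away (which digits are zero, not their values), and `blind_exponent` shows that D_i = D + r_i·φ(N) yields the same result while changing the sequence from one trace to the next. The toy primes, the function names and the blinding factor are assumptions made here, not values from the paper.

```python
# Added example (not from the talk): left-to-right 4-ary exponentiation as on
# slide 5, instrumented to record the S/M operation sequence, plus the
# exponent-blinding counter-measure of slide 7, D_i = D + r_i*phi(N).
# The toy key below is constructed for this example; real keys are far larger.

P_PRIME, Q_PRIME = 1000000007, 1000000009          # constructed 30-bit primes
N = P_PRIME * Q_PRIME
PHI = (P_PRIME - 1) * (Q_PRIME - 1)
E = 65537
D = pow(E, -1, PHI)                                # private exponent, D*E = 1 mod phi(N)


def base4_digits(d):
    """Base-4 digits of d, most significant first: d = (d_{n-1} ... d_1 d_0)_4."""
    digits = []
    while d:
        digits.append(d & 3)
        d >>= 2
    return digits[::-1] or [0]


def exp_4ary(c, d, m):
    """Compute c**d mod m by the 4-ary method and record every operation.

    Returns (result, ops): ops is a string over {'S', 'M'} with one 'S' per
    squaring and one 'M' per multiplication by a precomputed power of c.
    """
    table = [pow(c, v, m) for v in range(4)]       # precompute c^v mod m for v = 0..3
    p = 1
    ops = []
    for digit in base4_digits(d):                  # i = n-1 down to 0
        p = p * p % m                              # P <- P^2
        ops.append('S')
        p = p * p % m                              # P <- (P^2)^2
        ops.append('S')
        if digit != 0:                             # multiply only for a non-zero digit
            p = table[digit] * p % m
            ops.append('M')
    return p, ''.join(ops)


def nonzero_digit_pattern(ops):
    """What the S/M channel of slide 5 reveals: which digits are non-zero.

    Each digit costs 'SS', followed by 'M' iff the digit is non-zero; the value
    of a non-zero digit is not visible in the sequence.
    """
    pattern = []
    j = 0
    while j < len(ops):
        assert ops[j:j + 2] == 'SS', "malformed operation sequence"
        j += 2
        if j < len(ops) and ops[j] == 'M':
            pattern.append(True)
            j += 1
        else:
            pattern.append(False)
    return pattern


def blind_exponent(d, r, phi):
    """Slide 7 counter-measure: D_i = D + r_i*phi(N) computes the same power as D."""
    return d + r * phi


if __name__ == "__main__":
    c = 123456789
    res, ops = exp_4ary(c, D, N)
    print("matches pow():", res == pow(c, D, N))
    print("first ops:", ops[:40], "zero digits visible:", nonzero_digit_pattern(ops)[:10])
    res_b, ops_b = exp_4ary(c, blind_exponent(D, 0xABCDE, PHI), N)   # constructed 20-bit r_i
    print("blinded result equal:", res_b == res, " sequence changed:", ops_b != ops)
```

The sequence for the blinded exponent is longer (D_i has about 20 more bits than D) and its zero-digit positions no longer line up with those of D, which is why the adversary in this talk cannot simply average many traces of the same D and instead has to recover each D_i separately.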

8/16 Initial Calculations
The top half of the bits of φ(N) and N are identical, so known.
DE = 1 + kφ(N) where k < E, D < φ(N).
D_i = (1 + (k + r_i E)φ(N)) / E ≈ (1 + (k + r_i E)N) / E
k + r_i E is typically a 32- to 48-bit unknown number.
Use the leakage from the first half of the trace for D_i to guess k + r_i E.
Information theoretically, a leakage of 1 bit per 32 key bits means we need 32×32 to 32×48 bits in the top half to guess k + r_i E successfully, i.e. keys of 2048 to 3072 bits – or longer keys.
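The identities on this slide checked on a constructed toy key, as an added example (not the talk's own code): `k_of` recovers k from DE = 1 + kφ(N), `key_from_multiplier` shows that D_i = D + r_i·φ(N) is exactly (1 + (k + r_i E)·φ(N)) / E, and `common_top_bits` counts how many leading bits N and φ(N) share, which is what lets the top of φ(N) be taken as known. The primes, the blinding factor and the function names are assumptions made here.

```python
# Added example (not from the talk): the slide 8 identities on a constructed
# toy key.  DE = 1 + k*phi(N) with k < E, and the blinded exponent
# D_i = D + r_i*phi(N) equals (1 + (k + r_i*E)*phi(N)) / E exactly, so once the
# top half of phi(N) is read off N only the small value k + r_i*E is unknown.

P_PRIME, Q_PRIME = 1000000007, 1000000009          # constructed 30-bit primes
N = P_PRIME * Q_PRIME
PHI = (P_PRIME - 1) * (Q_PRIME - 1)
E = 65537
D = pow(E, -1, PHI)


def k_of(d, e, phi):
    """Return k with d*e = 1 + k*phi; raises if d is not the inverse of e mod phi."""
    num = d * e - 1
    if num % phi:
        raise ValueError("d is not e^-1 mod phi")
    return num // phi


def blinded_key(d, r, phi):
    """D_i = D + r_i*phi(N), the randomly blinded exponent of slide 7."""
    return d + r * phi


def key_from_multiplier(t, phi, e):
    """Rebuild D_i from t = k + r_i*E via D_i = (1 + t*phi)/E.

    The division is exact because D_i*E = DE + r_i*E*phi = 1 + (k + r_i*E)*phi;
    a wrong t (or a wrong phi) makes it inexact, which is how a guess is rejected.
    """
    num = 1 + t * phi
    if num % e:
        raise ValueError("1 + t*phi is not divisible by E: wrong t or wrong phi")
    return num // e


def common_top_bits(a, b):
    """Number of leading bits (at the width of the longer number) on which a and b agree."""
    width = max(a.bit_length(), b.bit_length())
    x = a ^ b
    return width if x == 0 else width - x.bit_length()


def approx_key_from_n(t, n, e):
    """The slide's approximation D_i ~ (1 + t*N)/E, computable without phi(N)."""
    return (1 + t * n) // e


if __name__ == "__main__":
    k = k_of(D, E, PHI)
    r = 0xABCDE                                    # constructed 20-bit blinding factor
    t = k + r * E                                  # the value phase 1 has to guess
    d_i = blinded_key(D, r, PHI)
    print("k < E:", k < E, " bits in k + rE:", t.bit_length())
    print("exact reconstruction:", key_from_multiplier(t, PHI, E) == d_i)
    print("top bits shared by N and phi(N):", common_top_bits(N, PHI), "of", N.bit_length())
    print("top bits of D_i predicted from N alone:",
          common_top_bits(approx_key_from_n(t, N, E), d_i), "of", d_i.bit_length())
```

With balanced primes N − φ(N) = p + q − 1 is only about half the width of N, so roughly the top half of the bits agree (27 of 60 for this toy key); the same fraction holds for the D_i built from N instead of φ(N), which is the part of the trace phase 1 matches against.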

9/16 Best Fit Metric & Phase 1
Let p_j = probability that the j-th operation of the trace is a squaring.
Let D' be a guess at the key used for the trace tr.
Put d_j = +1 if the j-th operation of D' is a squaring, d_j = –1 if the j-th operation is a multiplication.
Let μ_m(tr, D') = Σ_{0≤j<m} d_j (p_j – ½).
This measures how well D' matches the leakage tr over the first m operations (for the top half of N).
For each side channel trace tr, choose k + rE, and hence D', to maximise this.
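The metric μ_m(tr, D') evaluated against a simulated weak channel, as an added example that is not from the talk. The channel is modelled as a per-operation probability p_j of a squaring with only a small bias toward the true operation under uniform noise, so no single p_j is trustworthy; summing d_j(p_j − ½) over a whole trace still separates the right exponent from wrong ones, which is the point of the slide. The leak and noise parameters, the 64-bit toy exponents and all names are assumptions made here.

```python
# Added example (not from the talk): the best-fit metric of slide 9,
#   mu_m(tr, D') = sum_{0<=j<m} d_j * (p_j - 1/2),
# scored against a constructed "weak side channel" that only hints at each
# operation.  Operation sequences follow the 4-ary rule of slide 5.
import random


def op_sequence(d):
    """S/M sequence of the 4-ary method: 'SS' per base-4 digit plus 'M' if the digit is non-zero."""
    n_digits = max(1, (d.bit_length() + 1) // 2)
    digits = [(d >> (2 * i)) & 3 for i in reversed(range(n_digits))]
    return ''.join('SS' + ('M' if g else '') for g in digits)


def simulate_weak_channel(ops, leak=0.2, noise=0.25, seed=1):
    """Constructed leakage: p_j = 1/2 +/- leak (sign by the true op) + uniform noise, clipped to [0, 1]."""
    rng = random.Random(seed)
    probs = []
    for op in ops:
        p = 0.5 + (leak if op == 'S' else -leak) + rng.uniform(-noise, noise)
        probs.append(min(1.0, max(0.0, p)))
    return probs


def best_fit_metric(probs, ops, m):
    """mu_m(tr, D'): d_j = +1 for a squaring, -1 for a multiplication, weighted by p_j - 1/2."""
    total = 0.0
    for j in range(min(m, len(ops), len(probs))):
        d_j = 1 if ops[j] == 'S' else -1
        total += d_j * (probs[j] - 0.5)
    return total


def rank_guesses(probs, guesses, m):
    """Score each candidate exponent by mu_m over the first m operations, best first."""
    scored = [(best_fit_metric(probs, op_sequence(g), m), g) for g in guesses]
    return [g for _, g in sorted(scored, reverse=True)]


def demo(seed=1):
    """One weak trace of a random 64-bit exponent vs 50 random wrong guesses; returns (winner, true key)."""
    rng = random.Random(seed)
    true_key = rng.getrandbits(64) | (1 << 63)
    trace = simulate_weak_channel(op_sequence(true_key), seed=seed)
    wrong = [rng.getrandbits(64) | (1 << 63) for _ in range(50)]
    ranked = rank_guesses(trace, wrong + [true_key], m=len(trace))
    return ranked[0], true_key


if __name__ == "__main__":
    winner, key = demo()
    print("correct key ranked first:", winner == key)
    trace = simulate_weak_channel(op_sequence(key))
    print("metric for true key:", round(best_fit_metric(trace, op_sequence(key), len(trace)), 2))
```

For an evaluator this is the useful check: if a lab's S/M classifier is only slightly better than coin-flipping per operation, the per-trace metric still grows linearly in the trace length while its noise grows only as the square root, which is why longer keys give the adversary a cleaner decision and why the blinding on slide 7 must keep each D_i to a single trace.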

10/16 Does it Work?
Is the best guess at k + rE the correct one?
The leakage is weak, so there are better incorrect guesses.
The correct guess lies in the top fraction of best guesses.
The fraction containing the correct guess is (almost) independent of how many bits need guessing.
The fraction containing the correct guess gets rapidly smaller as key length increases, so the search space is smaller.
k + rE becomes known if the key is long enough.

11/16 Phase 2: Recovering φ(N)
We now assume k + r_i E is known for D_i = (1 + (k + r_i E)φ(N)) / E.
Phase 2: choose bits of φ(N) to maximise the metric μ_m = Σ_j μ_m(tr_j, D_j).
Bits are chosen one by one from most to least significant. (m is picked to measure only the contributions of the chosen bits.)
Use several bits of lookahead to allow for the influence of carries and bit recoding in the exponentiation algorithm.
Are the bit choices correct? What influences their correctness?

12/16 Bit Accuracy
Accuracy of each bit determination depends on:
– number of available traces
– level of leakage
– number of lookahead bits
The algorithm is self-correcting – bit errors are isolated.
For a 2048-bit key, 10 lookahead bits, 100 traces, … the probability of a correct bit was
This is 1 error in 2000, so half of a set of keys will be recovered correctly.

13/16 Computational Feasibility
Phase 1 – recovering the k + r_i E: O(REt log(RE)) leaked bit operations to process, where
  R = # choices for r (2^16 to 2^32)
  E = public exponent (e.g. )
  t = # traces needed in phase 2.
It is highly parallelisable, with low space requirements.
Phase 2 – recovering φ(N): much less work than phase 1.
The attack is computationally feasible if RE is not too large.

14/16 Improved Counter-Measures
Bits are determined more accurately for longer keys.
Other work suggests fewer bit errors for longer keys.
Different exponentiation & modular multiplication algorithms only affect the level of leakage per key bit.
Computational feasibility decreases with more blinding: it is essentially proportional to this.
So:
If possible, choose less leaky HW & algorithms.
Choose enough blinding & a large enough public key to make it computationally infeasible to check every value of k + rE.

15/16 Conclusions
Many essential and first-class SW counter-measures can be inadequate on their own.
Information theoretic expectations should be treated as realisable.
Imprecise leakage is useful to an adversary.
Longer keys tend to be weaker for a fixed level of randomisation counter-measures.
Randomisation needs to be scaled up for longer keys.
