Presentation is loading. Please wait.

Presentation is loading. Please wait.

Template attacks Suresh Chari, Josyula R. Rao, Pankaj Rohatgi IBM Research.

Published byNeal Bradley Modified over 9 years ago

Similar presentations

Presentation on theme: "Template attacks Suresh Chari, Josyula R. Rao, Pankaj Rohatgi IBM Research."— Presentation transcript:

1 Template attacks Suresh Chari, Josyula R. Rao, Pankaj Rohatgi IBM Research

2 Side channel attacks Lots of sources: Power, EM, timing …….. Problem one of signal classification Which possible value of key bit/byte/nibble does signal correspond to? Many types of attacks(SPA/DPA & variants) Use coarse statistical methods Collect lots of samples to eliminate noise Differentiate based on expected signal.

3 Signal classification  Technique relies on precise modeling of noise (inherent statistical variations + other ambient noise) AND expected signal  Requires experimentation(offline)  Technique based on Signal Detection and estimation theory o Powerful statistical methods o Tools to classify a single sample.

4 Template attacks: overview Need single target sample from device under test Need programmable identical device. Build precise model of noise AND expected signal for all possible values of first portion of key Use statistical characterization to restrict first portion to small subset of possible values. Iterate to retain small number of possible values for entire key. Strong statistical methods extract ALL information from each target sample.

5 Plan Test case: RC4 Noise Modeling Classification Technique Variants Empirical Results Related work

6 Test case-RC4 Implementation: RC4 on smart card. Representative example for template attacks. Single sample of initialization with key. State changes on each invocation. Similar approach for most crypto algorithms. Other cases: hardware based DES, EM on SSL accelerators.

7 RC4- Initialization with key Simple implementation with no key dependent code (No SPA) No DPA possible due to single sample. Ideal for template attacks: Key byte independently affects iteration. i= j = 0; For(ctr=0, ctr < 256, ctr++) { j = key[i] + state[ctr] + j; SwapByte(state[ctr], state[j] ); i=i+1; }

8 Sample

9 Methodology Collect single sample of key initialization from device under test. With experimental device, collect large number(100s) of samples with all values of first key byte. Identify points on samples of first iteration directly affected by first key byte. For each distribution compute precise statistical characterization Use to classify target sample

10 Model Assumption: Gaussian model for noise. Noise characterization: Given L-point samples for a particular value of key compute Averages L point average A M Noise correlation matrix (L x L) M[i,j] = covariance( T[i]-A[i], T[j]-A[j]) for samples T Compute characterization for each of K values of the key byte. Probability of observing noise vector n for a sample from this distribution is inverse exponential in n T M – 1 n

11 Maximum likelihood Classification: Among K distributions, classify target sample S as belonging to distribution predicting highest probability for noise vector “ Best ” classifier in information theoretic sense. For binary hypotheses case, with same noise covariance error is inverse exponential in sqrt( (A 1 - A 2 ) T N -1 (A 1 – A 2 ) )

12 Classification Univariate Statistics Assume sample at points is independent Good results when keys are very different Not good if keys are close. Multivariate statistics: Assume points are correlated. Very low classification errors. Error of not identifying correct hypothesis is less than 5-6 %

13 Empirical result Correct Classification percentage improves dramatically Keys chosen to be very close Key byte 0xFE0xEE0xDE0xBE0x7E0xFD0xFB0xF70xED0xEB 98.6298.3499.1698.1499.5899.7099.6410099.7699.94

14 Improvement Maximum Likelihood: Retain hypothesis predicting max probability for observed noise (P max ) Approximation: Retain ALL hypotheses predicting probability at least ( P max /c), c constant. Retain more than 1 hypothesis for each byte. Tradeoff between number of hypothesis retained and correctness.

15 Empirical Results Size c=1 Size c=e 6 Size c=e 12 Size c=e 24 Success probability 95.0298.6799.3799.65 Avg. number of hypothesis retained 11.292.116.89

16 Iteration: Extend and prune For each remaining possible value of first byte For each value of second byte Build template independently ONLY for second iteration ( less accurate) OR Build template for first 2 iterations together (twice as large) Classify using new template to reduce choices for first 2 bytes

17 Iteration: Empirical Result Using templates independently in each stage reduces entropy in RC4 case to about (1.5) k for k bytes of key Substantially better when templates include sample for all iterations upto now Error rates of not retaining correct hypothesis is almost same as single byte case. Number of retained hypothesis is smaller Able to correct previous bytes: After 2 iterations of attack no hypothesis with wrong first byte.

18 Related work [Messerges,Dabbish,Sloan][Walter] Use signal based iterative method based to extract exponent of device implementing RSA. [Fahn, Pearson] Use profiling of experimental device before attack on device-under-test. Signal based classification methods.

19 Countermeasures Use randomness as much as possible. Blinding/masking of data Templates can be built for masked data values Not feasible if lots of entropy. Caveat: Vulnerable if attacker has control of random source in experimental device.

20 Summary Formalized new type of attack. Powerful methodology Works with single/few samples Requires extensive work with experimental device Experimental results Works where SPA/DPA are not feasible

21 BACKUP

22 Averaging 5 samples

23 Averaging 50 samples

24 Univariate approximation Assume that the sample at each point is independent of other points Simplifies probability of observing noise Inverse exponential in n T M – 1 n (which is just sum of squares) Classification: Use maximum likelihood with simplified characterization Classification error is high in some cases but can distinguish very different keys.

25 Empirical Results Cross Classification probability.  Low error if key bytes have very different Hamming weights.  Possibility of high error in other cases. 1111111011101110110111101011111000010000 11111110 0.860.040.070.030 11101110 0.060.650.100.190 11011110 0.080.160.680.090 10111110 0.100.110.080.710 00010000 00001.00

26 Intuition Samples and expected signals can be viewed as points in some L dimensional space. Approximation: Starting from received signal point keep all hypothesis falling in ball around received samples For binary case, classification error proportional to sqrt(1/c).

27 Other cases Template attacks verified in other cases EM emanations from hardware SSL accelerators Single sample noisy analogue of earlier work. Hardware based DES Attacking key checksum verification steps Other cases under investigation

Download ppt "Template attacks Suresh Chari, Josyula R. Rao, Pankaj Rohatgi IBM Research."

Similar presentations

A. The Basic Principle We consider the multivariate extension of multiple linear regression – modeling the relationship between m responses Y 1,…,Y m and.

A. The Basic Principle We consider the multivariate extension of multiple linear regression – modeling the relationship between m responses Y 1,…,Y m and.
Statistical Machine Translation Part II: Word Alignments and EM Alexander Fraser ICL, U. Heidelberg CIS, LMU München 2014.05.08 Statistical Machine Translation.

Statistical Machine Translation Part II: Word Alignments and EM Alexander Fraser ICL, U. Heidelberg CIS, LMU München Statistical Machine Translation.
Power, EM and all that: Is your crypto device really secure? Pankaj Rohatgi Dakshi Agrawal, Bruce Archambeault, Suresh Chari, Josyula R Rao IBM T.J. Watson.

Power, EM and all that: Is your crypto device really secure? Pankaj Rohatgi Dakshi Agrawal, Bruce Archambeault, Suresh Chari, Josyula R Rao IBM T.J. Watson.
Ensemble Methods An ensemble method constructs a set of base classifiers from the training data Ensemble or Classifier Combination Predict class label.

Ensemble Methods An ensemble method constructs a set of base classifiers from the training data Ensemble or Classifier Combination Predict class label.
Machine Learning Week 2 Lecture 1.

Machine Learning Week 2 Lecture 1.
2008 SIAM Conference on Imaging Science July 7, 2008 Jason A. Palmer

2008 SIAM Conference on Imaging Science July 7, 2008 Jason A. Palmer
STAT 497 APPLIED TIME SERIES ANALYSIS

STAT 497 APPLIED TIME SERIES ANALYSIS
C ● O ● M ● O ● D ● O RESEARCH LAB Longer Keys may Facilitate Side Channel Attacks (Bradford, UK) Colin.

C ● O ● M ● O ● D ● O RESEARCH LAB Longer Keys may Facilitate Side Channel Attacks (Bradford, UK) Colin.
Observers and Kalman Filters

Observers and Kalman Filters
What is Statistical Modeling

What is Statistical Modeling
Introduction to Mobile Robotics Bayes Filter Implementations Gaussian filters.

Introduction to Mobile Robotics Bayes Filter Implementations Gaussian filters.
Multiple Criteria for Evaluating Land Cover Classification Algorithms Summary of a paper by R.S. DeFries and Jonathan Cheung-Wai Chan April, 2000 Remote.

Multiple Criteria for Evaluating Land Cover Classification Algorithms Summary of a paper by R.S. DeFries and Jonathan Cheung-Wai Chan April, 2000 Remote.
1-1 Regression Models  Population Deterministic Regression Model Y i =  0 +  1 X i u Y i only depends on the value of X i and no other factor can affect.

1-1 Regression Models  Population Deterministic Regression Model Y i =  0 +  1 X i u Y i only depends on the value of X i and no other factor can affect.
Ensemble Learning: An Introduction

Ensemble Learning: An Introduction
Evaluating Hypotheses

Evaluating Hypotheses
Machine Learning CUNY Graduate Center Lecture 3: Linear Regression.

Machine Learning CUNY Graduate Center Lecture 3: Linear Regression.
Lecture 4 Measurement Accuracy and Statistical Variation.

Lecture 4 Measurement Accuracy and Statistical Variation.
1 Validation and Verification of Simulation Models.

1 Validation and Verification of Simulation Models.
Laurent Itti: CS599 – Computational Architectures in Biological Vision, USC 2001. Lecture 7: Coding and Representation 1 Computational Architectures in.

Laurent Itti: CS599 – Computational Architectures in Biological Vision, USC Lecture 7: Coding and Representation 1 Computational Architectures in.
Jacinto C. Nascimento, Member, IEEE, and Jorge S. Marques

Jacinto C. Nascimento, Member, IEEE, and Jorge S. Marques

Similar presentations

Ads by Google