Presentation is loading. Please wait.

Presentation is loading. Please wait.

Exploiting Cache-Timing in AES: Attacks and Countermeasures Ivo Pooters March 17, 2008 Seminar Information Security Technology.

Similar presentations


Presentation on theme: "Exploiting Cache-Timing in AES: Attacks and Countermeasures Ivo Pooters March 17, 2008 Seminar Information Security Technology."— Presentation transcript:

1 Exploiting Cache-Timing in AES: Attacks and Countermeasures Ivo Pooters i.pooters@student.tue.nl March 17, 2008 Seminar Information Security Technology

2 Outline → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion 1.Introduction 2.About Cache 3.AES Primer 4.Cache-timing attacks 5.Countermeasures 6.Conclusion

3 comes your footer  Page 3 Side Channel Attacks → Side Channel Attacks → Cache-Timing Attacks → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion Timing Attack Based on the time taken by the device to execute particular operation. Power Analysis Attack Based on analyzing the power consumptions of the device to execute particular operations. Fault Attack Abnormal environmental conditions to generate malfunctions in the processor which provide additional access.  Cache-Timing Attacks

4 Here comes your footer  Page 4 Cache-Timing Attacks Goal: Extract key information The difference in access time for cache and main memory can reveal memory access patterns Idea: Analyze time used for encrypting certain plaintexts to retrieve information of the secret key No special equipment required! → Side Channel Attacks → Cache-Timing Attacks → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

5 Here comes your footer  Page 5 What is Cache? → What is cache? → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion Slow! Fast! Figure from [1]

6 Here comes your footer  Page 6 Advanced Encryption Standard Symmetric cipher to replace DES Three modes: AES-128, AES-192, AES-256 16-byte block size, 16-byte key, 16-byte intermediary states Key expanded to 10 Round Keys → Advanced Encryption Standard → AES Algorithm → AES Memory Access → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

7 Here comes your footer  Page 7 AES Algorithm → Advanced Encryption Standard → AES Algorithm → AES Memory Access → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion Figure from [3]

8 Here comes your footer  Page 8 AES Memory Access Implementated as series of table lookups 8 Tables precalculated; T 0, …, T 3 and T 0 (10), …, T 3 (10) Each round r calculates intermediary state x (r+1) State X (0) is simply p  k → Advanced Encryption Standard → AES Algorithm → AES Memory Access → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion K i (r) is the i-th 4-byte word of the expanded round key

9 Here comes your footer  Page 9 Known Attacks D.J. Bernstein describes a synchronous attack in [4] Osvik et al describe a more general approach for synchronous attacks ([2]) Applicable to existing systems, e.g. dm-crypt Manipulate the cache to influence delays Asynchronous attacks ([2]) No interaction required with the encryption algorithm Use own program to manipulate cache and analyze the timings → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

10 Here comes your footer  Page 10 The Bernstein Attack Described by D.J. Bernstein in [4] on OpenSSL AES Implementation Synchronous attack: attacker can trigger encryption with known plaintext. Simple server setup: 1.Server started with secret key 2.Server Reads a UDP packet from network. UDP packet have variable length but start with 16-byte nonce 3.Server copies high precision timestamp and nonce to response 4.Server encrypts the packet content 5.Server sends the response: 2 x timestamp, scrambled zero and nonce → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

11 Here comes your footer  Page 11 Attack Summary Special case for r=0 Consider T 0 [x 0 (0) ] = T 0 [k 0  p 0 ] Timing for lookup depends on value of k 0  p 0 → AES Timing leaks information on k 0 This is true for any k i  p i, for i = 0,…,15 → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

12 Here comes your footer  Page 12 Attack Summary cont’d Assume the attacker 1.Watches the total time taken by victim to handle many p’s 2.Totals the AES times for each possible p 13 3.Observes the total time is maximum for p 13 = 147 Assume the attacker can experiment in the same environment with known k’s and finds that overall AES maximum when k 13  p 13 = 8. Now, k 13 = 8  147 → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

13 Here comes your footer  Page 13 The actual Attack, step 1 Attacker runs server with known key: all zeroes About 2 22 random 400-byte packets encrypted Study the resulting timings for e.g. p 13 : Timing max at p 13 = 8 Since k 13 = 0, Timing max when x 13 (=k 13  p 13 ) = 8 See next slide for results → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

14 Here comes your footer  Page 14 → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion Results for p 13

15 Here comes your footer  Page 15 The actual Aattack, step 1 cont’d For some key bytes, not all the bits are leaked from this attack run. E.g. p 5 results show stronger correlation between values of p 5 Timings for p 5  {0,1,2,3,4,5,6,7} statistically indistinguishable. This means timing analysis would leak k 5  {0,1,2,3,4,5,6,7}, i.e. top 5 bits of k 5 → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

16 Here comes your footer  Page 16 → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion Results for p 5

17 Here comes your footer  Page 17 The actual Attack, step 2 Now send packets to the victims server which uses a secret key Step 1 gives values for x i = k i  p i with max timing. Step 2 gives values for p i with max timing. Combining the results from step 1 with step 2 yields the leaked key-bits. → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

18 Here comes your footer  Page 18 The actual Attack, step 2 cont’d The attacker repeats attack with various packet sizes to pinpoint the keys Most likely not all key-bits are leaked, but enough for brute-force search For the attack described by Bernstein, the brute force < 1 minute! → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

19 Here comes your footer  Page 19 Evaluation Time in order of hours for AES-128 More noise in measurement can be solved with more samples Attacker should be able to trigger encryptions To do experiments, attacker needs the exact same system as victim → Known Attacks → The Bernstein Attack → Attack Summary → The actual Attack → Evaluation → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

20 Here comes your footer  Page 20 Countermeasures Avoid memory access: use bit slice implementation or crude slow arithmetic and logical operations Hide timing: worst-case constant time, slow. Every operation as slow as memory access Static cache: disable cache-sharing and load all tables in cache → Countermeasures → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

21 Here comes your footer  Page 21 Conclusions Input dependant table lookups make AES vulnerable to cache-timing attacks Bernstein has found a feasible cache-timing attack. Osvik et al describe describe even faster and more applicable attacks Countermeasures exist, but hinder performance → Conclusions → References → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

22 Here comes your footer  Page 22 QUESTIONS ? → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion

23 Here comes your footer  Page 23 References [1] U. Drepper. Memory Part 2: CPU Caches. http://lwn.net/Articles/252125/ http://lwn.net/Articles/252125/ [2] D. Osvik, A. Shamir, E. Tromer. Cache-attacks and Countermeasures: the Case of AES. November 2005 [3] Specification for the Advanced Encryption Standard. November 2001 [4] D.J. Bernstein. Cache-Timing Attacks on AES. April 2005 → Conclusions → References → Introduction → About Cache → AES Primer → Cache-Timing Attacks → Countermeasures → Conclusion


Download ppt "Exploiting Cache-Timing in AES: Attacks and Countermeasures Ivo Pooters March 17, 2008 Seminar Information Security Technology."

Similar presentations


Ads by Google