RSA Key Extraction via Low- Bandwidth Acoustic Cryptanalysis. Daniel Genkin, Adi Shamir, Eran Tromer

Transcription

1 RSA Key Extraction via Low- Bandwidth Acoustic Cryptanalysis Daniel Genkin, Adi Shamir, Eran Tromer

2 Mathematical Attacks Input Crypto Algorithm Key Output Goal: recover the key given access to the inputs and outputs

3 Side Channel Attacks Input Bad Inputs Crypto Algorithm Device Key Output Errors Goal: recover the key given access to the inputs, and outputs outputs and measurements

4 ENGULF [Peter Wright, pycatcher, p. 84] In 1956, a couple of Post Office engineers fixed a phone at the Egyptian embassy in London.

5 ENGULF (cont.) The combined MI5/GCHQ operation enabled us to read the Egyptian ciphers in the London Embassy throughout the Suez Crisis.

6 Acoustic cryptanalysis on modern CPUs

7 Distinguishing various CPU operations

8 Distinguishing various code lengths loops in different lengths of ADD instructions

9 What is a cipher? Hello! Encryption #!#@ *$^(# Decryption Hello! Symmetric One secret The sender and the receiver must know the secret key Asymmetric Two different secrets private and public The sender needs only the public key

10 RSA in a nutshell Key Generation: p, q random primes, n = pq d e 1 mod φ n Public key: (n, e) Private key: p, q, d RSA encryption: c m e mod n RSA decryption: c c d mod n

11 RSA in a nutshell Key Generation: RSA encryption: c m e mod n RSA decryption: c c d mod n m p = c d mod (p 1) mod p m q = c d mod (q 1) mod q Obtain m from m p and m q using the Chinese Remainder Theorem

12 GnuPG Open source crypto library Supports many cryptographic primitives (e.g., symmetric, asymmetric, signatures) Free implementation of the OpenPGP standard as defined by RFC4880 Commonly used for encrypted s This talk: GnuPG

13 RSA decryption long operations that depend on p, q, d p, d q the leakage of either will break security.

14 RSA key distinguishability and here is the sound of the keys (after signal processing)

15 Modular exponentiation m = c d n d i mod q m = c d n d i 0 mod q t = c d n d i 1 mod q m = c d n d i 1 mod q This is a side channel countermeasure meant to protect d

16 Extracting q i (simplified) c i = q 2048 q i If q i = 1 then c i < q, thus c = c i. That is, c has special structure. If q i = 0 then 2q > c i > q, thus c = c i q. That is, c is random looking. and we now multiply by c causing the bit-dependent leakage. Assume we know q 2048 q i+1 and decrypt c i = q 2048 q i

17 Extracting q i c i = q 2048 q i n If q i = 1 then c i n < q, thus c = c i n. That is, c has special structure. If q i = 0 then 2q > c i n > q, thus c = c i q n. That is, c is random looking. and we now multiply by c causing the bit-dependent leakage. Assume we know q 2048 q i+1 and decrypt c i = q 2048 q i n

18 Extracting q i (problem) Multiplication is repeated 2048 times (0.5 sec of data) Single multiplication is way too fast for us to measure Assume we know q 2048 q i+1 and decrypt c i = q 2048 q i n

19 Game over!

20 Results Key extraction is possible up to 4 meters away using a parabolic microphone

21 Results Key extraction is possible up to 1 meter away without a parabolic microphone

22 Results Key extraction is possible up to 30cm away using a smartphone

23 Karatsuba multiplication Based on the following identity for multiplication and runs in θ n log 2 3 time uv = 2 2n + 2 n u H v H + 2 n u H u L v L v H + 2 n + 1 u L v L If q i = 1 then b has many 1-valued or 0-valued bits causing the result to have many 0-valued bits. If q i = 0 then b is randomlooking and so is the result.

24 The recursion tree Number of 0-valued bits in the second operand is depends on the value of q i

25 Basic multiplication If b i = 0 the algorithm does nothing! Repeated for a total of 8 times in this call and for a total of up to ~129,000 times!, allowing for the leakage to be detectable using low bandwidth means (such as sound).

26 Power / ground analysis Power analysis: measure device s power consumption. Ground analysis: measure device s leakage relative to the ground.

27 Timing analysis Measure exact time for decryption: I. Send a server a malformed encrypted message and wait for an error response. II. Compute the elapsed time between sending and receiving an error.

28 Fault attacks These are attacks that employ faults during computation in order to recover secret information, e.g., cryptographic keys. Fault attacks can break implementations of RSA, DES, AES, and virtually any cipher. There are various kinds of protection techniques, mainly to identify faults and stop computation, or correcting the errors caused from the faults.

29 Fault attacks (example) RSA decryption using CRT. Let n = pq, and a secret key d Compute m = c d mod n using CRT: 1. m p = c d p mod p 2. m q = c d q mod q 3. m = aqm p + bpm q mod n for some a, b. If a fault occurs only modulo one of the primes, say p, then the result m = m mod q but not mod p. gcd(m m, n) = q.

30 Cache attacks Consider a multi-core processor, whose all cores use a common cache memory. Each memory access either Find the content in cache, or Fetch content from memory to the cache, throwing some old content from the cache Usually, the cache is divided to smaller parts, say n parts, and each part is in charge of 1/n of the memory bytes, i.e., all bytes with same address mod n. Therefore, a second core can try to access cache in selected areas, and measure time to see if a byte was accessed by the other core.

31 Modular exponentiation m = c d n d i mod q m = c d n d i 0 mod q t = c d n d i 1 mod q m = c d n d i 1 mod q This is a side channel countermeasure meant to protect d

32 Cache attacks Example: RSA Measure the access time to the memory locations of the multiply operation and the square operations. Therefore, you can identify the sequence of squaring, and of multiplication, thus revealing the secret exponent. Note: in the case of AES, measurement is made on the data, i.e., inputs to the S boxes.

33 Even the tin foil won t help us now 1. Play loud music while decrypting (or other kind of noise) 2. Parallel software load

34 Countermeasures (ciphertext randomization) Given a ciphertext c: 1. Generate a random number r and compute r e 2. Decrypt r e c and obtain m 3. Output m r 1 Works since ed = 1 mod φ(n) thus: r e c d r 1 mod n = r ed r 1 c d mod n = r r 1 c d mod n = c d mod n = m

35 Thank you! (questions?)