1 / 15

Torturing OpenSSL

Torturing OpenSSL. Todd Austin University of Michigan with Andrea Pellegrini , William Arthur and Valeria Bertacco (Based on Valeria’s BlackHat 2012 Presentation). Understanding Side Channel Attacks. Systems leak info about internal computation

nedra
Download Presentation

Torturing OpenSSL

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Torturing OpenSSL Todd Austin University of Michigan with Andrea Pellegrini, William Arthur and Valeria Bertacco (Based on Valeria’s BlackHat 2012 Presentation)

  2. Understanding Side Channel Attacks • Systems leak info about internal computation • E.g., safes can be cracked by carefully listening to the tumblers • Clever attackers can utilize leaked info to grain secrets • Generally not directly • Use statistical methods over time • Attacks implementation, rather than algorithm

  3. Fault-Based Attack of RSA m m m Correct behavior: • Server challenge: s = md mod n • Client verifies: m = se mod n Faulty Server: ŝ != md mod n Private Key(d,n) Public Key(e,n) s ŝ Tactical advantage: We have yearsto implement this attack! Private Key(d,n) Public Key(e,n)

  4. Injecting Faults in RSA Authentication Making hardware fail: • Lower voltage causes signals to slow down, thus missing the deadline imposed by the system clock • High temperatures increase signal propagation delays • Over-clocking shortens the allowed time for traversing the logic cloud • Charged particlescause internal signals to change value, causing errors

  5. Single bit faults Faulty multiplications Wanted: Single-Bit Errors in Multiplication A corrupted signature leaks data if only one multiplication is corrupted by a single bit flip 60 16.50 50 13.75 40 11.00 Faulty products (%) Single bit faults (%) 30 8.25 20 5.50 10 2.75 0 0 1.30 1.29 1.28 1.27 1.26 1.25 1.24 1.23 Voltage [V]

  6. Implementing the Fault-Based Attack Fault-Based Attack of RSA Attackers 1. Subject server to potential single-bit faults in multiplications 2. Repeatedly authenticate to collect faulty RSA signatures 3. Offline, analyze RSA signatures to extract private key bits 4. Repeat steps 2 & 3 until entire RSA private key identified

  7. The attacker collects the faulty signatures The private key is recovered one window at the time The attacker checks its guess against the collected faulty signatures Extracting the Key with Offline Analysis m Private Key Public Key ŝ ŝ ŝ ŝ ŝ ŝ ŝ ŝ d= d3 X X d2 X X d1 d0

  8. Computing (s=mdmod n) in OpenSSL 0110 d=214= 1101 window 1 window 2 s=1 for each window: for each bit in window: //4times s = (s * s) mod n s = (s * mˆd[window]) mod n return s s=1 s=1 s= (∙∙∙(m1101) 2)2)2)2 s= m1101 s= (∙∙∙(m1101) 2)2)2)2)m0110

  9. Faulty Signature: ŝ!=md mod n 0110 d=214= 1101 window 1 window 2 s=1 for each window: for each bit in window: //4times s = (s * s) mod n s = (s * mˆd[window]) mod n return s s=1 s=1 ŝ = (∙∙∙(m1101) 2)2) ±2f)2)2 s= m1101 ŝ = (∙∙∙(m1101) 2)2) ±2f) 2)2)m0110

  10. The private key is recovered one window at the time, guessing where and when the fault hits Reconstructing the Signature … d= dk X dk-1 X X Which multiplication? ŝ = (∙∙∙(mdk)64)mdk-1)2) 2)2 ±2f)2) 2)2) mdk-2)64 …md0 Already known Which bit? Value? For each window value to be guessed and signature we test: • 16 possible key values • 2 possible error values (0→1 or 1→0) • 4 squaring iterations

  11. Implementing Offline Analysis • In practice 40 bit positions typically affected by faults → the computation time is reduced to 2.5 seconds • Analyzing 8,800 corrupted signatures requires 1 CPU-year – only ~1,000 are useful • Signatures can be checked in parallel • Performed the analysis with 81 workstations ŝ ŝ ŝ ŝ ŝ ŝ

  12. Fault-Based Attack of Leon3 SPARC 8,800 corrupted signatures collected in 10 hours RSA 1024-bit private key Distributed application with 81 machines for offline analysis Private key recovered in 100 hours

  13. Exploring Temperature-Induced Faults

  14. Number of Key Bits Revealed (128-bit RSA) Surprising insight: Attack is easier to implementwith more sophisticated cooling systems

  15. Conclusions • Transient faults can leak vital private key data • Fault-based attack devised for OpenSSL 0.9.8i ’s Fixed Window Exponentiation algorithm • Attack demonstrated on a complete physical Leon3 SPARC system • Software fix using “blind”ingavailable in OpenSSL to protect against timing attacks • Published: “Fault-based Attack of RSA Authentication” - DATE 2010 • Presented: BlackHat 2012

More Related