1. 1. Side-Channel AttacksStefan FODOR(backb0ne fl00d3r )1 day before June 'couse the true 1337 hax0rs don't care about vulnerabilities
2. 2. Overview
   • What is side channel attack
   • 3. Classes of side channel attack
   • 4. Examples
   • 5. Countermeasures
   • 6. Questions?
3. 7. Side Channel Attacks
   • Attack on cryptosystem
   • 8. Informations gained from the physical implementation
     • • Not brute-force
       • 9. Nor known vulnerabilities
   • Requires advancesknowledges
     • • Hurraaayy.. no script kiddies!
4. 10. Classes
   • Timing attacks
   • 11. Power monitoring attacks
   • 12. Electromagnetic attacks
   • 13. Acoustic cryptoanalysis
   • 14. Differential fault analysis
5. 15. OpenSSL attack
   • Timing attack
   • 16. Apache + mod_SSL
   • 17. Compared time needed todecrypting multiple requests
   • 18. They deduced multiple 1024 bit private-key
6. 19. Acoustical spying
   • 10 minutes sound of user typing on a keyboard
   • 20. Bad : recovered 96% of the text based on audio
   • 21. Worse : 69% of all 10 random character password
   • 22. Worst : works on ATMs, too
7. 23. Smartphone eBanking
   • Implemented as a proof-of-concept
   • 24. Monitor the electromagnetic field of the smart-phone performing encryptions
   • 25. Deduces the encryption key
8. 26. Cold boot attack
   • Personal favorite
   • 27. Recover the disk encryption key
   • 28. after freezing the RAM Memory
   • 29. Released in July 2008, still no decent remedy
9. 30.
   • Countermeasures
   • Depends on the system
     • • And the attack predisposed to
   • You can't beat the hacker's imagination
10. 31. Questions?
11. 32. Resources
    • http://www.networkworld.com/community/node/58989
    • 33. http://en.wikipedia.org/wiki/Side_channel_attack
    • 34. http://www.berkeley.edu/news/media/releases/2005/09/14_key.shtml
    • 35. http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf
    • 36. http://citp.princeton.edu/memory/
    • 37. http://www.youtube.com/watch?v=4L8rnYhnLt8