Torturing OpenSSL Todd Austin University of Michigan with Andrea Pellegrini, William Arthur and...
-
Upload
marian-day -
Category
Documents
-
view
215 -
download
0
Transcript of Torturing OpenSSL Todd Austin University of Michigan with Andrea Pellegrini, William Arthur and...
Torturing OpenSSL
Todd AustinUniversity of Michigan
with Andrea Pellegrini, William Arthur and Valeria Bertacco
(Based on Valeria’s BlackHat 2012 Presentation)
2
Understanding Side Channel Attacks
· Systems leak info about internal computation• E.g., safes can be cracked by
carefully listening to the tumblers
· Clever attackers can utilize leaked info to grain secrets• Generally not directly• Use statistical methods over time
· Attacks implementation, rather than algorithm
3
Fault-Based Attack of RSA
Correct behavior:•Server challenge:
s = md mod n•Client verifies:
m = se mod n
Faulty Server:ŝ != md mod n
Public Key(e,n)
Private Key(d,n)
m
s
Public Key(e,n)
Private Key(d,n)
m
ŝ
mTactical advantage: We have years
to implement this attack!
4
Injecting Faults in RSA Authentication
Making hardware fail:Lower voltage causes signals to slow down, thus missing
the deadline imposed by the system clockHigh temperatures increase signal propagation delays· Over-clocking shortens the allowed time for traversing the
logic cloud· Charged particles cause internal signals to change value,
causing errors
5
Wanted: Single-Bit Errors in Multiplication
A corrupted signature leaks data if only one multiplication is corrupted by a single bit flip
0
10
20
30
40
50
60
1.30 1.29 1.28 1.27 1.26 1.25 1.24 1.23
Voltage [V]
Sin
gle
bit
fau
lts (
%)
0
2.75
5.50
8.25
11.00
13.75
16.50
Fa
ulty
pro
du
cts
(%)
Single bit faults
Faulty multiplications
6
Implementing the Fault-Based Attack
Fault-Based Attack of RSA Attackers
1. Subject server to potential single-bit faults in multiplications
2. Repeatedly authenticate to collect faulty RSA signatures
3. Offline, analyze RSA signatures to extract private key bits4. Repeat steps 2 & 3 until entire RSA private key identified
7
Extracting the Key with Offline Analysis
· The attacker collects the faulty signatures
· The private key is recovered one window at the time
· The attacker checks its guess against the collected faulty signatures
Public Keyŝŝŝŝ
Private Keym
ŝŝ ŝ
ŝd= X X X Xd3d2d1d0
8
Computing (s=md mod n) in OpenSSL
1101
s=1
for each window:
for each bit in window: //4times
s = (s * s) mod n
s = (s * mˆd[window]) mod n
return s
d=214= 0110
s=1
s=1
s= m1101
s= (∙∙∙(m1101) 2)2)2)2
s= (∙∙∙(m1101) 2)2)2)2)m0110
window 1 window 2
9
Faulty Signature: ŝ!=md mod n
s=1
for each window:
for each bit in window: //4times
s = (s * s) mod n
s = (s * mˆd[window]) mod n
return s
s=1
s=1
s= m1101
ŝ = (∙∙∙(m1101) 2) 2) ±2f)2)2
ŝ = (∙∙∙(m1101) 2) 2) ±2f) 2)2)m0110
1101d=214= 0110window 1 window 2
10
Reconstructing the Signature
The private key is recovered one window at the time, guessing where and when the fault hits
ŝ = (∙∙∙(mdk)64)mdk-1)2) 2)2 ±2f)2) 2)2) mdk-2)64 …md0
Already
known Value?
Which multiplication?
Which bit?
d= X X Xdk dk-1 …
For each window value to be guessed and signature we test:• 16 possible key values• 2 possible error values (0→1 or 1→0)• 4 squaring iterations
11
Implementing Offline Analysis
· In practice 40 bit positions typically affected by faults → the computation time is reduced to 2.5 seconds
· Analyzing 8,800 corrupted signatures requires 1 CPU-year – only ~1,000 are useful
· Signatures can be checked in parallel· Performed the analysis with 81 workstations
ŝŝŝŝŝŝ
12
Fault-Based Attack of Leon3 SPARC
RSA 1024-bit private key
8,800 corrupted signatures
collected in 10 hours
Distributed application with 81 machines for offline analysis
Private key recovered in 100 hours
13
Exploring Temperature-Induced Faults
14
Number of Key Bits Revealed (128-bit RSA)
20 30 40 50 60 70 80 90 1000
20
40
60
80
100
120
140
V=1.3 v
V=1.28 v
V=1.27 v
V=1.26 v
V=1.25 v
V=1.24 v
Temperature
Key
bit
s re
cove
red
(o
ut
of
128)
Surprising insight: Attack is easier to implementwith more sophisticated cooling systems
15
Conclusions
· Transient faults can leak vital private key data
· Fault-based attack devised for OpenSSL 0.9.8i ’s Fixed Window Exponentiation algorithm
· Attack demonstrated on a complete physical Leon3 SPARC system
· Software fix using “blind”ing available in OpenSSL to protect against timing attacks
· Published: “Fault-based Attack of RSA Authentication” - DATE 2010· Presented: BlackHat 2012