RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

1. Intro Acoustic side-channel cryptanalysis Dušan Klinec Faculty of Informatics Masaryk university Brno 13. 3. 2014 Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 1 / 36

2. Intro Source paper RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis Daniel Genkin, Technion and Tel Aviv University; Adi Shamir, Weizmann Institute of Science; Eran Tromer, Tel Aviv University Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 2 / 36

3. Source of the sound What is it about Extracts RSA private key by observing acoustic side-channel leak during decryption. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 3 / 36

4. Source of the sound Acoustic, really? Why does modern PC emit audible noise? Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 4 / 36

5. Source of the sound Capacitor noise High-pitched audible noise - capacitor is culprit #1. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 5 / 36

6. Source of the sound Capacitor noise - why? Piezoelectric effect. The internal generation of a mechanical strain resulting from an applied electrical ﬁeld. Note: Reversible, not interested in inverse right now. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 6 / 36

7. Source of the sound Capacitor noise - why? Piezoelectric effect. The internal generation of a mechanical strain resulting from an applied electrical ﬁeld. Note: Reversible, not interested in inverse right now. Ti , Zr2+ Pb 4+ T < T 4+2– O P C T > TC Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 6 / 36

8. Source of the sound Capacitor noise - how exactly? L-T L-W Before applying voltage After applying voltage LW with metal terminal The large portion of modification is made into Free. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 7 / 36

9. Source of the sound Capacitor noise - how exactly? L-T L-W Before applying voltage After applying voltage LW with metal terminal The large portion of modification is made into Free. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 7 / 36

10. Source of the sound Coil - culprit #2 Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 8 / 36

11. Source of the sound Coil - culprit #2 Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 8 / 36

12. Source of the sound Sound source Dynamics of the pulse-width-modulation-based voltage regulator circuitry. Regulates emount of energy for CPU. Best mic mounting: fan exhaust, ethernet port. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 9 / 36

13. Experiment setup Lab grade setup 1.25M saples per second, professional HW Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 10 / 36

14. Experiment setup Portable setup 200k saples per second, 100kHz resolution. Attack works up to 1 m, (4 m with parabolic mic). Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 11 / 36

15. Experiment setup Mobile setup 48k saples per second, low sensitivity, noise, pushing to the limits. attack works up to the 30 cm distance. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 12 / 36

16. Experiment setup Acoustic noise – multiple devices tested (a) Asus N55SF (b) Dell Inspiron 7720 (c) HP ProBook 4530s (d) HP Pavilion Sleek book 15-b005ej (e) Samsung NP300V5A (f) Lenovo ThinkPad W530 Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 13 / 36

17. Experiment setup Attack scenario Attacking several GnuPG implementations. Goal: recovery of a 4096 bit private key. Adaptive chosen cipher text attack. Recovers priv. key bit-by-bit. Requires to observe at least 2048 decryptions (n = pq). Attack vector: Enigmail - Thunderbird GPG plugin, automatically decrypts incoming message. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 14 / 36

22. Experiment setup Corelation of acoustic noise with executed code Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 15 / 36

23. Experiment setup Corelation of acoustic noise with code length Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 16 / 36

24. Experiment setup RSA implementation in GPG n = pq where n is public modulus, p, q private prime numbers. e public, d secret private exponent, ed ≡ 1 (mod ϕ(n)) Normal RSA decryption: m = cd (mod n) Optimization (by factor of 4): dp = d (mod (p − 1)) dq = d (mod (q − 1)) m1 = cdp (mod p) m2 = cdq (mod q) m = combine m1 and m2 using CRT Thus 2 modular exponentiations, attacking 2nd prime. Signal is somehow stabilized after ﬁrst one, better SNR. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 17 / 36

25. Experiment setup RSA implementation in GPG n = pq where n is public modulus, p, q private prime numbers. e public, d secret private exponent, ed ≡ 1 (mod ϕ(n)) Normal RSA decryption: m = cd (mod n) Optimization (by factor of 4): dp = d (mod (p − 1)) dq = d (mod (q − 1)) m1 = cdp (mod p) m2 = cdq (mod q) m = combine m1 and m2 using CRT Thus 2 modular exponentiations, attacking 2nd prime. Signal is somehow stabilized after ﬁrst one, better SNR. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 17 / 36

26. Experiment setup Attack 1 - Key distinguishability 5 GnuPG RSA signatures executed on a Lenovo ThinkPad T61. The transitions between p, q marked with yellow arrows. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 18 / 36

27. Experiment setup Attack 2 - Key extraction Determines secret factor q, one bit at time, from MSB to LSB. Notation: i-th bit qi of q, starting from MSB, (i = 2048). Incremental: Assumes key bits b2048 . . . qi+1 recovered Testing hypotheses about qi. Attacking different control flow that occurs for different ciphertexts. Targeting multiplication optimizations (multiplication by zero vs. multiplication by a random number). Notation: A = 00 . . . 0 32bit , 00 . . . 0 32bit , . . . , 00 . . . 0 32bit , array of limbs. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 19 / 36

34. Experiment setup Adaptive chosen cipher text attack Ciphertext passed directly to modular exponentiation algorithm. Specially crafted ciphertext: gi,0 = q2048, q2047, . . . , qi−1 topmost bits recovered , 0, 1, 1, . . . , 1 rest are ones Leakage: modular reduction (mod q): a) let qi = 1 q = q2048, q2047, . . . , qi−1, 1, qi−1,qi−2, . . . , q1 gi,0 = q2048, q2047, . . . , qi−1, 0, 1, 1, . . . , 1 gi,0 < q ⇒ gi,0 mod q = gi,0, preserves pattern of gi,0. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 20 / 36

41. Experiment setup Adaptive chosen cipher text attack Ciphertext passed directly to modular exponentiation algorithm. Specially crafted ciphertext: gi,0 = q2048, q2047, . . . , qi−1 topmost bits recovered , 0, 1, 1, . . . , 1 rest are ones Leakage: modular reduction (mod q): b) let qi = 0 q = q2048, q2047, . . . , qi−1, 0, qi−1,qi−2, . . . , q1 gi,0 = q2048, q2047, . . . , qi−1, 0, 1, 1, . . . , 1 gi,0 ≥ q ⇒ gi,0 mod q = gi,0 − q, is a (i − 1)-bit random looking number. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 21 / 36

47. Experiment setup Adaptive chosen cipher text attack Ciphertext passed directly to modular exponentiation algorithm. Specially crafted ciphertext: gi,0 = q2048, q2047, . . . , qi−1 topmost bits recovered , 0, 1, 1, . . . , 1 rest are ones Leakage: modular reduction (mod q): If qi = 1 ⇒ gi,0 < q ⇒ gi,0 mod q = gi,0, preserves pattern of gi,0. If qi = 0 ⇒ gi,0 ≥ q ⇒ gi,0 mod q = gi,0 − q, is a (i − 1)-bit random looking number. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 22 / 36

48. Experiment setup Modular exponentiation Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 23 / 36

49. Experiment setup Source of side-channel leakage Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 24 / 36

50. Experiment setup Karatsuba Recursive algorithm for fast integer multiplication in Θ(nlog23). Faster than schoolbook algorithm (for suitably larger integers). Based on the following identity: u = uH|uL concatenation of high & low part v = vH|vL uv = 1.mult (22n + 2n )uHvH + 2.mult 2n (uH − uL)( vH − vL will be almost zero ) + 3.mult (2n + 1)vLuL Ciphertext c is passed to Karatsuba as a second parameter. Special form of the ciphertext causes marked part to be zero. Recursion will invoke Karatsuba(uH − uL, vH − vL), leads to multiplication by zero. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 25 / 36

51. Experiment setup Karatsuba Recursive algorithm for fast integer multiplication in Θ(nlog23). Faster than schoolbook algorithm (for suitably larger integers). Based on the following identity: u = uH|uL concatenation of high & low part v = vH|vL uv = 1.mult (22n + 2n )uHvH + 2.mult 2n (uH − uL)( vH − vL will be almost zero ) + 3.mult (2n + 1)vLuL Ciphertext c is passed to Karatsuba as a second parameter. Special form of the ciphertext causes marked part to be zero. Recursion will invoke Karatsuba(uH − uL, vH − vL), leads to multiplication by zero. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 25 / 36

52. Experiment setup Karatsuba uv = 1.mult,h (22n + 2n )uHvH + 2.mult,t 2n (uH − uL)( vH − vL will be almost zero ) + 3.mult,l (2n + 1)vLuL Karatsuba recursive expansion If qi = 1 ⇒ c = q2048, q2047, . . . , qi−1, 0, 1, 1, . . . , 1 ⇒ many zero limbs in 2nd mult. arg. If qi = 0 ⇒ c random-looking number Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 26 / 36

53. Experiment setup Karatsuba uv = 1.mult,h (22n + 2n )uHvH + 2.mult,t 2n (uH − uL)( vH − vL will be almost zero ) + 3.mult,l (2n + 1)vLuL Karatsuba recursive expansion If qi = 1 ⇒ c = q2048, q2047, . . . , qi−1, 0, 1, 1, . . . , 1 ⇒ many zero limbs in 2nd mult. arg. If qi = 0 ⇒ c random-looking number Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 26 / 36

54. Experiment setup Source of side-channel leakage Computation is very fast (GHz), acoustic channel is narrow (kHz). Would not be able without ampliﬁcation. Side-channel leakage function is called multiple times during one decryption, 7 × 12 × 2048 = 172032 Such number of invocations create detectable pattern (random vs. zero bits) in accoustic spectrum. Karatsuba recursive expansion Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 27 / 36

55. Experiment setup Source of side-channel leakage (a) attacking 0 bit (b) attacking 1 bit 0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 34 35 36 37 38 39 Power(nanovolts) Frequency (kHz) Attacked bit is 1 Attacked bit is 0 (c) Frequency spectra of the second modular exponentiation Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 28 / 36

56. Experiment setup Attack technicalities More bits are recovered more closer frequency peaks in spectrum are. Analysis gets complicated, but the core idea still holds. Frequency spectrum for ciphertexts of size 2048 bits with various sizes of zero words: 0 50000 100000 150000 200000 250000 35 35.5 36 36.5 37 37.5 38 38.5 39 numberofzerolimbsinthesecondoperandofMUL_BASECASE frequancy (kHz) Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 29 / 36

57. Experiment setup Attack preview -300 -280 -260 -240 -220 -200 -180 -160 35 35.5 36 36.5 37 37.5 38 38.5 39 Power(dB) Frequency (kHz) template for one bit template for zero bit specturm of zero bit Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 30 / 36

58. Experiment setup Attack scheme 1 Obtains acoustic trace of the second modular exponentiation. Obtain templates T0, T1. 2 Compute frequency spectrum s of the trace (sliding window FFT, median binning). 3 Peak smoothing (noise removal). 4 Normalization (remove microphone pattern). 5 Compute distance of a s from template T0 and T1 allowing some shift (freq. left,right). 6 Classiﬁcation. 7 Template update. Create new templates T0, T1 for next bit. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 31 / 36

65. Experiment setup Attack scheme If attack misclassiﬁes some qi, use backtracking. Error is detected, next bits are still the same (e.g., ones). Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 32 / 36

66. Experiment setup Countermeasures Artiﬁcial CPU load on another core. Does not work. Reduces leakage frequency 35 − 38 kHz to 32 − 35 kHZ actually helping the attack. Another side-channel ﬁx (CPU cache, multiplication), multiplication is performed regardless di, doubling number of multiplications, helping the attack. Ciphertext randomization. Works. Let r be random 4096 bit number. (re × c)d × r−1 mod n = ced mod n Modulus randomization. Works. Let t be random medium sized integer. Compute mq = cdq mod (tq), then mq = mqmod q. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 33 / 36

70. Experiment setup Conclusions Attack is realistic. Within one hour recovers 4096-bit private key. Attack: Mobile phone near laptop, performing attack, generating ciphertexts on the fly. Attack: hidden microphone in docking station, in table. Attack: self-spying (malware on the PC). Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 34 / 36

71. Experiment setup Questions? Questions? Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 35 / 36

72. Experiment setup References & sources https://www.cs.tau.ac.il/˜tromer/acoustic/ https://68kmla.org/forums/viewtopic.php?f=10&t=13101 https://eeepitnl.tksc.jaxa.jp/mews/jp/26th/data/2_12_4.pdf http://www.bjorn3d.com/2013/09/asus-gtx-780-directcu-ii-oc/ http://img.techpowerup.org/120520/vrm.jpg https://en.wikipedia.org/wiki/Piezoelectricity Disclaimer: Images are not mine own, some of them may be from unknown source. Appologies for not referencing them correctly. Dušan Klinec (FI MUNI) Ph4r05 13. 3. 2014 36 / 36

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (16)

Semelhante a RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

Semelhante a RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis (20)

Último

Último (20)

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis