The document describes algorithms for retrieving the 128-bit AES encryption key from cache access patterns. It outlines preliminaries on side channel attacks, AES implementation and operations. It then presents a first round attack and second round attack to retrieve the key from known plaintext/ciphertext blocks and corresponding cache access patterns of table elements during AES encryption/decryption. Evaluation results and limitations/extensions are also discussed.
1. Highly Efficient Algorithms for AES Key Retrieval in Cache Access Attacks
Ashokkumar C., Ravi Prakash Giri, Bernard Menezes
Indian Institute of Technology, Bombay, INDIA
IEEE European Symposium on Security and Privacy, Saarbrücken, GERMANY
March 21-24, 2016
2. Outline
1 Preliminaries (Side Channel Attacks, AES Implementation)
2 First Round Attack
3 Second Round Attack
4 Results
5 Limitations and Extensions
6 Summary and Conclusions
3–4. Preliminaries (Side Channel Attacks, AES Implementation)
Problem Statement
Retrieve entire 128-bit AES key in a cache access attack given
Known plaintext blocks and corresponding sets of cache line numbers of table elements accessed during AES encryption
or
Known ciphertext blocks and corresponding sets of cache line numbers of table elements accessed during AES decryption
Euro S&P ’16 Highly Efficient Algorithms for AES Key Retrieval in Cache Access Attacks 3/29
5. Preliminaries (Side Channel Attacks, AES Implementation)
Attacks on Crypto Algorithms
Traditionally, attacks on cryptographic algorithms have focused on hard mathematical problems (such as the factorization problem or the discrete logarithm) or linear/differential cryptanalysis
A different approach is to exploit leakage of sensitive information through various side channels – power, timing, etc. – to obtain the key
6–7. Preliminaries (Side Channel Attacks, AES Implementation)
Cache-based Side Channel Attacks
Exploit the fact that memory access times vary by 1–2 orders of magnitude depending on which level of the memory hierarchy the required data/instruction currently resides in
Typically depend on the actual implementation of the algorithm
Algorithms targeted – RSA, DSA, EC-DSA, AES, etc.
8–9. Preliminaries (Side Channel Attacks, AES Implementation)
AES Basics
Secret key cipher, 128-bit block size, key size = 128/192/256
Plaintext, ciphertext and key are each represented as a 4 × 4 matrix of bytes
$$
P = \begin{pmatrix}
p_0 & p_4 & p_8 & p_{12} \\
p_1 & p_5 & p_9 & p_{13} \\
p_2 & p_6 & p_{10} & p_{14} \\
p_3 & p_7 & p_{11} & p_{15}
\end{pmatrix}, \qquad
K = \begin{pmatrix}
k_0 & k_4 & k_8 & k_{12} \\
k_1 & k_5 & k_9 & k_{13} \\
k_2 & k_6 & k_{10} & k_{14} \\
k_3 & k_7 & k_{11} & k_{15}
\end{pmatrix}
$$
10 rounds for 128-bit AES. Round keys obtained from original AES key via “Key Expansion Algorithm”
Plaintext is XORed with AES key before first round
10–14. Preliminaries (Side Channel Attacks, AES Implementation)
AES Operations with pictures
Input state of round $r$ (bytes in column-major order):
$$
x^{(r)} = \begin{pmatrix}
x^{(r)}_0 & x^{(r)}_4 & x^{(r)}_8 & x^{(r)}_{12} \\
x^{(r)}_1 & x^{(r)}_5 & x^{(r)}_9 & x^{(r)}_{13} \\
x^{(r)}_2 & x^{(r)}_6 & x^{(r)}_{10} & x^{(r)}_{14} \\
x^{(r)}_3 & x^{(r)}_7 & x^{(r)}_{11} & x^{(r)}_{15}
\end{pmatrix}
$$
$\downarrow$ ($\tilde{x}^{(r)}_i$ is the byte-substituted state; row $i$ is rotated left by $i$ positions), then the column-mixing matrix is applied and the round key is XORed in:
$$
\begin{pmatrix}
02 & 03 & 01 & 01 \\
01 & 02 & 03 & 01 \\
01 & 01 & 02 & 03 \\
03 & 01 & 01 & 02
\end{pmatrix}
\bullet
\begin{pmatrix}
\tilde{x}^{(r)}_0 & \tilde{x}^{(r)}_4 & \tilde{x}^{(r)}_8 & \tilde{x}^{(r)}_{12} \\
\tilde{x}^{(r)}_5 & \tilde{x}^{(r)}_9 & \tilde{x}^{(r)}_{13} & \tilde{x}^{(r)}_1 \\
\tilde{x}^{(r)}_{10} & \tilde{x}^{(r)}_{14} & \tilde{x}^{(r)}_2 & \tilde{x}^{(r)}_6 \\
\tilde{x}^{(r)}_{15} & \tilde{x}^{(r)}_3 & \tilde{x}^{(r)}_7 & \tilde{x}^{(r)}_{11}
\end{pmatrix}
\oplus
\begin{pmatrix}
k^{(r)}_0 & k^{(r)}_4 & k^{(r)}_8 & k^{(r)}_{12} \\
k^{(r)}_1 & k^{(r)}_5 & k^{(r)}_9 & k^{(r)}_{13} \\
k^{(r)}_2 & k^{(r)}_6 & k^{(r)}_{10} & k^{(r)}_{14} \\
k^{(r)}_3 & k^{(r)}_7 & k^{(r)}_{11} & k^{(r)}_{15}
\end{pmatrix}
=
\begin{pmatrix}
x^{(r+1)}_0 & x^{(r+1)}_4 & x^{(r+1)}_8 & x^{(r+1)}_{12} \\
x^{(r+1)}_1 & x^{(r+1)}_5 & x^{(r+1)}_9 & x^{(r+1)}_{13} \\
x^{(r+1)}_2 & x^{(r+1)}_6 & x^{(r+1)}_{10} & x^{(r+1)}_{14} \\
x^{(r+1)}_3 & x^{(r+1)}_7 & x^{(r+1)}_{11} & x^{(r+1)}_{15}
\end{pmatrix}
$$
15. Preliminaries (Side Channel Attacks, AES Implementation)
Software Implementation of AES
Makes extensive use of table look-ups in lieu of time-consuming field operations (5-table implementation targeted by us)
Each table has 256 entries, each entry is 4 bytes
Line size or block size is 64 bytes in most machines
So a single table occupies 16 lines, 16 elements per line
16. Preliminaries (Side Channel Attacks, AES Implementation)
Round Functions implemented with table lookups

$$
\begin{aligned}
x^{(r+1)}_0, x^{(r+1)}_1, x^{(r+1)}_2, x^{(r+1)}_3 &\leftarrow T_0[x^{(r)}_0] \oplus T_1[x^{(r)}_5] \oplus T_2[x^{(r)}_{10}] \oplus T_3[x^{(r)}_{15}] \oplus K^{(r)}_0\\
x^{(r+1)}_4, x^{(r+1)}_5, x^{(r+1)}_6, x^{(r+1)}_7 &\leftarrow T_0[x^{(r)}_4] \oplus T_1[x^{(r)}_9] \oplus T_2[x^{(r)}_{14}] \oplus T_3[x^{(r)}_3] \oplus K^{(r)}_1\\
x^{(r+1)}_8, x^{(r+1)}_9, x^{(r+1)}_{10}, x^{(r+1)}_{11} &\leftarrow T_0[x^{(r)}_8] \oplus T_1[x^{(r)}_{13}] \oplus T_2[x^{(r)}_2] \oplus T_3[x^{(r)}_7] \oplus K^{(r)}_2\\
x^{(r+1)}_{12}, x^{(r+1)}_{13}, x^{(r+1)}_{14}, x^{(r+1)}_{15} &\leftarrow T_0[x^{(r)}_{12}] \oplus T_1[x^{(r)}_1] \oplus T_2[x^{(r)}_6] \oplus T_3[x^{(r)}_{11}] \oplus K^{(r)}_3
\end{aligned}
$$

where x^{(r)}_i is the ith byte of the input to round r, K^{(r)} is the rth round key and K^{(r+1)}_i refers to the ith column of K^{(r+1)}.
17–19. Preliminaries (Side Channel Attacks, AES Implementation)
Organization of Tables in Cache
[Figure: the five tables T0, T1, T2, T3, T4 laid out in cache. Line size = 64 bytes, so each table spans 16 lines (numbered 0 to 15) and each line holds 16 elements: Element 0 to Element 15 on the first line, Element 240 to Element 255 on the last line.]
20. First Round Attack
Experimental Setup
Multi-threaded spy + Victim (running AES) on one core
Spy controller on another core
21. First Round Attack
Run and Run size
The executions of the spy threads and victim are interleaved
Each execution instance of the victim is referred to as a run
The number of table accesses made during a run is referred to as the
run size (between 12 and 35 in our experiments)
24. First Round Attack
1st Round Attack - Goal and Input
Goal:
To obtain the high-order nibble of each of the 16 bytes of the AES key
Input:
Several blocks of plaintext (Scenario 1) or ciphertext (Scenario 2)
Sets of cache line numbers accessed by victim in each run during encryption (Scenario 1) or decryption (Scenario 2) of those blocks
26. First Round Attack
1st Round Attack - Example
Uses input to the first round

$$
\begin{pmatrix}
p_0 \oplus k_0 & p_4 \oplus k_4 & p_8 \oplus k_8 & p_{12} \oplus k_{12}\\
p_1 \oplus k_1 & p_5 \oplus k_5 & p_9 \oplus k_9 & p_{13} \oplus k_{13}\\
p_2 \oplus k_2 & p_6 \oplus k_6 & p_{10} \oplus k_{10} & p_{14} \oplus k_{14}\\
p_3 \oplus k_3 & p_7 \oplus k_7 & p_{11} \oplus k_{11} & p_{15} \oplus k_{15}
\end{pmatrix}
$$

Table line number of elements accessed are (p0 ⊕ k0), (p1 ⊕ k1), ..., (p15 ⊕ k15)
If we know the (pi ⊕ ki) and pi, we can deduce (ki)
Example
Actual sequence of line numbers: 5, 19, 44, 57, 3, 30, 40, 55, 14, 26, 37, 49, 10, 20, 32, 63, 15, 30, 41, 53, 5, 23, 39, 51, 11, 23, 37, 62, 2, 28, 39, ...
Run 0: 3, 5, 14, 19, 26, 30, 40, 44, 55, 57, 64, 65, 73, 75
Run 1: 2, 3, 5, 10, 11, 14, 15, 19, 20, 23, 26, 30, 32, 37, 39, 40, 41, 44, 49, 51, 53, 55, 57, 62, 63
Run 2: 2, 5, 6, 8, 11, 14, 17, 21, 23, 27, 28, 31, 33, 37, 38, 39, 40, 44, 49, 50, 51, ...
27–31. First Round Attack
Histogram of scores for each guessed value
[Figure: histogram of scores for each guessed value; not reproduced in the text.]
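The scoring behind those histograms, as an added example that is not the authors' code: every run reports an unordered set of line numbers, and for key byte i and candidate high nibble h the guess is credited in each run whose set contains the line that p_i with that nibble would have touched. The layout assumed is the one on the slides (byte i is looked up in T_{i mod 4}, each table occupies 16 lines of 16 elements, five tables in all); the key, plaintexts and run contents are constructed with a seeded PRNG rather than measured, and the noise lines stand in for later-round lookups. The true nibble scores in every run, while a wrong one only scores when another lookup happens to land on the same line, which is why the histogram separates after a handful of runs and why table-free (constant-time) AES removes the signal entirely.

```python
"""Added example (not from the paper): scoring high-nibble guesses against line sets."""
import random

N_TABLES = 5          # T0..T4 as on the slides: 5 x 16 = 80 cache lines in all
LINES_PER_TABLE = 16  # 64-byte lines, 16 four-byte entries per line


def line_of(i, byte):
    """Line (numbered across all tables) touched when byte i of the round-1 input
    is looked up: table T_{i mod 4}, line selected by the byte's high nibble."""
    return LINES_PER_TABLE * (i % 4) + (byte >> 4)


def score_high_nibbles(plaintexts, runs):
    """scores[i][h] = number of runs whose line set contains the line predicted for
    key byte i having high nibble h.  (p_i ^ k_i) >> 4 == (p_i >> 4) ^ (k_i >> 4),
    so the true nibble is credited in every run."""
    scores = [[0] * 16 for _ in range(16)]
    for p, run in zip(plaintexts, runs):
        for i in range(16):
            for h in range(16):
                if line_of(i, p[i] ^ (h << 4)) in run:
                    scores[i][h] += 1
    return scores


def best_guess(scores):
    """Peak of each byte's histogram; a tie is reported as None (more runs needed)."""
    guess = []
    for s in scores:
        top = max(s)
        winners = [h for h in range(16) if s[h] == top]
        guess.append(winners[0] if len(winners) == 1 else None)
    return guess


def make_runs(key, n_runs, run_size, rng):
    """Constructed spy output: the lines the first round really touches, padded with
    random lines (standing in for later-round lookups) up to run_size."""
    plaintexts, runs = [], []
    for _ in range(n_runs):
        p = [rng.randrange(256) for _ in range(16)]
        lines = {line_of(i, p[i] ^ key[i]) for i in range(16)}
        while len(lines) < run_size:
            lines.add(rng.randrange(N_TABLES * LINES_PER_TABLE))
        plaintexts.append(p)
        runs.append(lines)
    return plaintexts, runs


def simulate(seed=7, n_runs=12, run_size=24):
    """Returns (true high nibbles, recovered high nibbles, score histograms)."""
    rng = random.Random(seed)
    key = [rng.randrange(256) for _ in range(16)]   # constructed key
    plaintexts, runs = make_runs(key, n_runs, run_size, rng)
    scores = score_high_nibbles(plaintexts, runs)
    return [b >> 4 for b in key], best_guess(scores), scores


if __name__ == "__main__":
    truth, guess, scores = simulate()
    for i in range(16):
        print(f"byte {i:2d}: true {truth[i]:x} guess {guess[i]} histogram {scores[i]}")
```

Raising run_size (more noise lines per run) flattens the histograms and pushes the number of runs needed upward, which is the dependence on run size that the results section reports.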
33. Second Round Attack
2nd Round Attack - Strategy
Goal
To obtain the low-order nibble of each byte of the AES key
Treat the low-order nibble of each of the 16 bytes of the key as an attribute of a relation (table)
Each tuple in the table is a potential subkey value. Initially, any of the 2^64 subkey values are possible
As in RDBMS, selection predicates are used to filter out tuples
34. Second Round Attack
Selection Predicate for Key Retrieval
The selection predicates we employ are the 16 equations that relate the indices of line numbers of table elements accessed in the second round and various bytes of the plaintext and key
Example

$$
x^{(2)}_0 = 2 \bullet s(p_0 \oplus k_0) \oplus 3 \bullet s(p_5 \oplus k_5) \oplus s(p_{10} \oplus k_{10}) \oplus s(p_{15} \oplus k_{15}) \oplus s(k_{13}) \oplus k_0 \oplus 1
$$
35. Second Round Attack
Applying the selection predicate

$$
(x^{(2)}_0) = (2 \bullet s(p_0 \oplus k_0) \oplus 3 \bullet s(p_5 \oplus k_5) \oplus s(p_{10} \oplus k_{10}) \oplus s(p_{15} \oplus k_{15}) \oplus s(k_{13}) \oplus k_0 \oplus 1)
$$

The LHS is the line number on which the required element resides
Actually what is provided by the spy is not a single number but a set of line numbers
We retain a tuple only if the RHS evaluates to any element in the set
39. Second Round Attack
Performance and Cost considerations
The number of plaintexts (encryptions) required to retrieve the key is

$$
\varepsilon = \frac{-4}{\log_2 c}, \qquad \text{where } c = \frac{\text{per table run size}}{16}
$$

If c = 8/16 = 0.5, the number of encryptions required is just 4!
But at what cost?
Handling 2^64 tuples
Solution
Use relational join operations and Cartesian products in addition to selects
Carefully choose the relational schema and which operations are performed when and on which relations
42. Second Round Attack
Relational Join Recap
Which students visit which buildings for department-related work?

Student     Dept.
Cynthia     EE
Mustafa     ME
Prashant    CS
Tsai-Shing  CS

Dept.  Building
CS     Niagara
EE     Danube
EE     Nile
ME     Ganges

Joined on Dept.:

Student     Dept.  Building
Cynthia     EE     Danube
Cynthia     EE     Nile
Mustafa     ME     Ganges
Prashant    CS     Niagara
Tsai-Shing  CS     Niagara
50–53. Results
Key Retrieval Algo in action (contd.) (Round 2 Attack)
[Figure only on the original slides; not reproduced in the text.]
55. Results
Performance of Key Retrieval Algorithms
First Round Attack:
70% → in 5–7 encryptions
16% → in 8 encryptions
13% → in 9 encryptions
Second Round Attack:
90% → in 6 encryptions
7% → in 7 encryptions
3% → in 8 encryptions
56. Results
Algorithm’s performance as a function of run size
58. Limitations and Extensions
Limitations
False Negatives in spy input will result in an incorrect key being deduced
Assumptions made may not always hold
1 Victim and multi-threaded spy process are located on same core
2 Hardware prefetching of cache line is turned off
3 No other processes are accessing AES table
59. Limitations and Extensions
Extensions
Design and implementation of error-tolerant key retrieval algorithm
Key retrieval algorithms with hardware prefetching turned on
Further optimizations in First Round Attack
Operationalization of the attack
60. Summary and Conclusions
Conclusions
Designed and implemented a suite of algorithms to deduce the 128-bit AES key using as input sets of unordered lines captured by spy threads
Two attack scenarios where either plaintext or ciphertext is known
Algorithms expressed using simple relational algebraic operations and run in under a minute
In practice only 6–7 blocks of plaintext or ciphertext were required
Developed analytical models to estimate number of encryptions or decryptions required
62. Function of Spy Thread and Spy Controller
Spy Thread
    block until cond variable is true
    for each line of AES tables do
        measure access time
        flush line
    end for
    finished ← true
Spy Controller
    while finished = false do
        keep polling
    end while
    signal(nextThreadID)
    finished ← false
64. No. of surviving tuples

$$
(x^{(2)}_0) = (2 \bullet s(p_0 \oplus k_0) \oplus 3 \bullet s(p_5 \oplus k_5) \oplus s(p_{10} \oplus k_{10}) \oplus s(p_{15} \oplus k_{15}) \oplus s(k_{13}) \oplus k_0 \oplus 1)
$$

For an incorrect/random “guess” of the key, the RHS takes a value between 0 and F with equal probability
The probability that a tuple survives (satisfies the predicate) is c = (per table run size)/16
The number of surviving tuples is hence $2^{64} \times c$
65. No. of plaintexts required for Key Retrieval
We have a total of 16 equations and inputs from ε encryptions or a total of 16ε predicates
The size of the output relation after being subject to 16ε select operations is $2^{64} \times c^{16\varepsilon}$
To estimate the number of plaintexts (encryptions) required to retrieve the key, we solve for ε from $2^{64} \times c^{16\varepsilon} = 1$ to obtain

$$
\varepsilon = \frac{-4}{\log_2 c}
$$

where ε is the number of plaintext(s) required
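An added example, not the authors' code, that serves two passages at once: the table-lookup round of slide 16 (with the line layout of slides 15 to 19), and the selection predicate of slides 34 and 35 together with the survivor model of slides 64 and 65. It builds the S-box and the four 32-bit-entry tables from the AES field arithmetic, implements the round exactly as the four equations state it, derives the cache lines a round touches (table t on lines 16t to 16t+15, line chosen by the high nibble of the index), and then applies the x^{(2)}_0 predicate as a relational select over candidate low nibbles. Assumptions specific to this example: entries are packed big-endian as (2s, s, s, 3s) for T0 and rotated for T1 to T3; the select runs over the four low nibbles (k0, k5, k10, k15) only, with the low nibble of k13 treated as already known so the relation stays at 16^4 tuples; and the key, plaintexts and spy line sets are constructed with a seeded PRNG rather than measured.

```python
"""Added example (not from the paper): T-table round, its cache-line model, and the
slide-34 predicate applied as a relational select, checked against 2^n * c^predicates."""
import math
import random
from itertools import product


def _xtime(a):                 # multiply by x in GF(2^8) with the AES polynomial 0x11B
    return ((a << 1) ^ 0x11B) & 0xFF if a & 0x80 else a << 1


# log/antilog tables over generator 3 (= x + 1); S[x] = affine(inverse(x)), constant 0x63
_EXP, _v = [], 1
for _ in range(255):
    _EXP.append(_v)
    _v ^= _xtime(_v)
_LOG = {v: i for i, v in enumerate(_EXP)}


def _sbox_entry(x):
    inv = 0 if x == 0 else _EXP[(255 - _LOG[x]) % 255]
    out = 0
    for i in range(8):
        bit = (0x63 >> i) & 1
        for sh in (0, 4, 5, 6, 7):
            bit ^= (inv >> ((i + sh) % 8)) & 1
        out |= bit << i
    return out


SBOX = [_sbox_entry(x) for x in range(256)]


def _word(b0, b1, b2, b3):     # assumed big-endian packing of a 4-byte table entry
    return (b0 << 24) | (b1 << 16) | (b2 << 8) | b3


# T0[x] = (2s, s, s, 3s), T1 = (3s, 2s, s, s), T2 = (s, 3s, 2s, s), T3 = (s, s, 3s, 2s)
T = [[_word(_xtime(s), s, s, _xtime(s) ^ s) for s in SBOX],
     [_word(_xtime(s) ^ s, _xtime(s), s, s) for s in SBOX],
     [_word(s, _xtime(s) ^ s, _xtime(s), s) for s in SBOX],
     [_word(s, s, _xtime(s) ^ s, _xtime(s)) for s in SBOX]]
# state bytes fed to (T0, T1, T2, T3) for output columns 0..3, as on slide 16
COLS = [(0, 5, 10, 15), (4, 9, 14, 3), (8, 13, 2, 7), (12, 1, 6, 11)]


def t_table_round(x, k):
    """x^(r+1) from x^(r) and round key k (16 bytes each, column-major order)."""
    out = []
    for j, idx in enumerate(COLS):
        w = T[0][x[idx[0]]] ^ T[1][x[idx[1]]] ^ T[2][x[idx[2]]] ^ T[3][x[idx[3]]]
        w ^= _word(*k[4 * j:4 * j + 4])
        out += [(w >> 24) & 0xFF, (w >> 16) & 0xFF, (w >> 8) & 0xFF, w & 0xFF]
    return out


def lines_touched(x):
    """Lines hit by a round's 16 lookups: 64-byte lines hold 16 entries, so table t
    spans lines 16t..16t+15 and the index's high nibble picks the line within it."""
    return [16 * t + (x[idx[t]] >> 4) for idx in COLS for t in range(4)]


def first_round_lines(p, k):
    return lines_touched([a ^ b for a, b in zip(p, k)])


def x2_0(p, k):
    """Slide 34: 2*s(p0^k0) ^ 3*s(p5^k5) ^ s(p10^k10) ^ s(p15^k15) ^ s(k13) ^ k0 ^ 1."""
    s5 = SBOX[p[5] ^ k[5]]
    return (_xtime(SBOX[p[0] ^ k[0]]) ^ _xtime(s5) ^ s5 ^ SBOX[p[10] ^ k[10]]
            ^ SBOX[p[15] ^ k[15]] ^ SBOX[k[13]] ^ k[0] ^ 1)


def select_low_nibbles(high, k13, plaintexts, line_sets):
    """Relational select over the 16^4 tuples of low nibbles (k0, k5, k10, k15): a tuple
    survives a run only if the predicate's line (high nibble; T0 is lines 0..15) is in
    the set the spy reported.  high[] are the known high nibbles; k13 is taken as known."""
    tuples = list(product(range(16), repeat=4))
    for p, lines in zip(plaintexts, line_sets):
        k = [0] * 16
        k[13] = k13
        keep = []
        for low in tuples:
            for i, n in zip((0, 5, 10, 15), low):
                k[i] = (high[i] << 4) | n
            if (x2_0(p, k) >> 4) in lines:
                keep.append(low)
        tuples = keep
    return tuples


def expected_survivors(n_bits, c, n_predicates):
    """Slides 64/65: 2^n candidate tuples, each surviving a predicate with probability c."""
    return 2 ** n_bits * c ** n_predicates


def encryptions_required(run_size, n_bits=64, predicates_per_encryption=16):
    """Solve 2^n * c^(16 eps) = 1 for eps; with n = 64 this is the slide's -4 / log2(c)."""
    c = run_size / 16
    return -n_bits / (predicates_per_encryption * math.log2(c))


def simulate(seed=1, run_size=8, n_plaintexts=40):
    """Constructed instance: per run, the line x^(2)_0 really lands on, padded with random
    lines of T0 up to the per-table run size (so c = run_size / 16)."""
    rng = random.Random(seed)
    key = [rng.randrange(256) for _ in range(16)]
    high = [b >> 4 for b in key]          # assumed recovered by the first-round attack
    pts, sets = [], []
    for _ in range(n_plaintexts):
        p = [rng.randrange(256) for _ in range(16)]
        lines = {x2_0(p, key) >> 4}
        while len(lines) < run_size:
            lines.add(rng.randrange(16))
        pts.append(p)
        sets.append(lines)
    survivors = select_low_nibbles(high, key[13], pts, sets)
    return survivors, tuple(key[i] & 0xF for i in (0, 5, 10, 15))
```

With c = 0.5 and one predicate per plaintext the 16^4 relation is expected to shrink to a single tuple after about 16 plaintexts, matching expected_survivors(16, 0.5, 16) = 1; the full attack applies 16 predicates per encryption, which is where the slide's four encryptions come from. The same model says what a defender gains by removing the leak: with an implementation whose memory accesses do not depend on the index (AES-NI or a bitsliced cipher), c is 1 for every tuple and the relation never shrinks.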