Historical Overview of Physically Observable Side Channels Flashcards
TEMPEST
NSA program that looked at physical side channels => looked at not just crypto, but monitors, cables, etc (1st)
SPA
Simple power analysis. Attack on secret-dependent RSA control flow (square and sometimes multiply).
DPA
Differential power analysis. MUL produces a different signal depending on its inputs. Train on data to tell between 0 and 1. Works well if the attacker can send the same message for training and attack.
2 DPA mitigations
- Exponent randomization (use d1 and d2 instead of secret d)
  => Attack can still work if it can recover d1 and d2 from a single trace
- Message randomization (blinding)
Chosen Ciphertext Attacks
Attacker picks ciphertext to help determine the exponent, d
Adaptive chosen ciphertext attack
- Multiplying by 0 creates a smaller signal than when multiplying by anything else
- Want to manipulate the temporary values so that there are a lot of zeros if d is 0 and not a lot of zeros if d is 1
- Must send a message for each bit of the exponent
Non-adaptive chosen ciphertext attack
- For window RSA implementation
- Send a message for each window:
- Set message so that when wval is x it looks distinctive from all other wvals
- Needs far fewer attempts than adaptive attacks
three mitigations for SC after chosen ciphertext attacks
- exponent randomization
- message randomization
- Secret-independent control flow
One&Done
- Can be done in a single trace
- Can be done outside of BN_mod_mul
- Attacks BN_is_bit_set ==> harder because the function is much shorter than a MUL
- BN_mod_mul is very distinct signal => can isolate BN_is_bit_set
Mitigation for One&Done
Use all bits of the window at a time => now the attacker has to distinguish between 2^5 different values in the signal (instead of 0 or 1)