170 likes | 241 Views
Wide Collisions in Practice. Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS 2012- Singapore. Overview. Side Channel Collision Attacks Wide Collisions for AES Improving Recognition Rates Attack Results. Embedded Systems.
E N D
Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10thACNS 2012- Singapore
Overview • Side Channel Collision Attacks • Wide Collisions for AES • Improving Recognition Rates • Attack Results
Embedded Systems • Specific purpose device with computing capabilities • Constrained resources • Many require security
Side Channel Attacks … leaks additional information via side channel! e.g. power consumption / EM emanation plaintext AES Leakage ciphertext
Collisions in AES plaintext Collision:Querying same S-box value twice Collision Attack: Exploiting collision detections to recover secret key Add_Key Sub_Bytes y1 y4 = y1 S-box 1 S-box 4
Collision Detection Collisions are highly frequent: • First round: .41 collisions • One encryption: >40 collisions Detecting collisions is hard: • One encryption: 12 720 comparisons • Probability of a collision: <0.4% • False positive rate of 1%: >120 faulty detections Shouldminimize false positives
Wide Collisions (I) • Two AES encryptions with chosen inputs • Same plaintexts except for diagonals! • AddRoundKey, SubBytes -> same difference
Wide Collisions (II) • ShiftRows aligns differences • MixColumns can result in equal bytes Collision
Wide Collisions (III) • 2ndShiftRows results in equal columns • Full column collides until next ShiftRows! • 5predictable S-Box collisions between 2 encryptions! Full Column Collision
Collision Detection • Direct Comparison of two power traces • Ideally only compared in leaking regions(5 s-Boxes and full MixColumnscolliding) Point selection necessary: • Knowledge of implementation or profiling needed + S-box in round 2 + Mix Columns S-box 4 S-boxes (in round 3)
Key Recovery Phase • 1st byte after 1stMixColumns: • 4 collisions reduce key candidates from 232 to 1 candidate per diagonal. • Full key recovery: 16 distinct collisions. Avoid false positives
Outlier Method Procedure: Find overall Mean Trace Locate Outlier Region Locate Neighboring Pairs Mean Trace Individual Trace Outlier Region
Outlier Method: Details Two parameters: • Size of outlier region • Admitted distance betweenneighboring points Both influence • Number of detected collisions • Rate of false positives Tradeoff depends on implementation
Results • Unprotected SW implementation, 8-bit Smart Card • Results on 3000 power traces: • Wide Collisions stronger, but knowledge of implementation or profiling needed • Blind Templates (+ PCA) are great for device profiling
Optimized Collision Detection • Targeting Wide Collisions • Strong leakage, easier to detect • Requires chosen inputs • UsingOutlier Detection method: • Reduces overall detection of collisions • Minimizes false positives
Conclusion • Wide collisions yield feasible power based collision attack • Outlier Method is a helpful tool for decreasing false positive detections
Thank you very much for your attention! teisenba@fau.edu