Reverse Engineering of a Secret AES-like Cipher by Ineffective Fault Analysis
Antoine Wurcker, Christophe Clavier
Université de Limoges
FDTC 2013, 20-08-2013
Antoine Wurcker (Université de Limoges) Reverse AES by IFA FDTC 2013 1 / 33
Transcript
2 Scope of the Attack
Modifications on AES
Constraints on Attacker
3 Attack Steps
4 Conclusion
Global Results
Future Works
AES Datapath
Figure: The AES encryption path. M → AddRoundKey(K0) → S0; for rounds r = 1, …, 9: S(r−1) → SubBytes → ShiftRows → MixColumns → AddRoundKey(Kr) → Sr; for round r = 10: S9 → SubBytes → ShiftRows → AddRoundKey(K10) → C.
AES KeySchedule
Figure: The AES key schedule. K(r−1) → RotWord → SubWord ⊕ Rcon(r), followed by four chained ⊕ operations producing the columns of Kr.
Ineffective Fault Analysis
Fault model: a precise byte is stuck at 0.
Fault effect:
Ciphertext not modified ⇒ the value was already 0.
Ciphertext modified ⇒ the value was not 0.
Remark: IFA by-passes the dual-execution countermeasure.
Figure: Example of no-occurrence of IFA. The targeted state byte is 45 in the correct execution (M ⇓ … ⇓ C) and is forced to 00 in the faulted execution (M ⇓ … ⇓ C′), so C′ ≠ C.
Figure: Example of occurrence of IFA. The targeted state byte is already 00 in the correct execution, so forcing it to 00 in the faulted execution leaves the ciphertext unchanged: C′ = C.
Notations
$m_i$: byte number $i$ of the input plaintext $M$.
$c_i$: byte number $i$ of the output ciphertext $C$.
$K_r$: 128-bit key of round number $r$.
$k_{r,i}$: byte number $i$ of the round key $K_r$.
$S()$: the SubBytes function.
$S^{-1}(0)$: preimage of the value 0 by the S-box table.
$\mu_i = k_{0,i} \oplus S^{-1}(0)$
$X_r = \{x_{r,0}, \dots, x_{r,15}\}$: input state of the SubBytes step of round $r$.
$Y_r = \{y_{r,0}, \dots, y_{r,15}\}$: input state of the ShiftRows step of round $r$.
$Z_r = \{z_{r,0}, \dots, z_{r,15}\}$: input state of the MixColumns step of round $r$.
$T_r = \{t_{r,0}, \dots, t_{r,15}\}$: input state of the AddRoundKey step of round $r$.
Then we use the knowledge of $mk_{1,i}$ and $mk_{2,i+8}$ to get $z_{1,1} = S(mk_{1,i})$ and $z_{1,2} = S(mk_{2,i+8})$:
$$\alpha_1 * z_{1,1} \oplus \alpha_2 * z_{1,2} \oplus \alpha_3 * z_{1,3} = 0$$
$$k_{1,i} \oplus S^{-1}(0) \oplus k_{1,i+8} \oplus S^{-1}(0) \oplus \alpha_3 * z_{1,3} = 0$$
$$k_{1,i} \oplus k_{1,i+8} \oplus \alpha_3 * z_{1,3} = 0$$
$$\mu_{i+4} \oplus \mu_{i+8} \oplus \alpha_3 * z_{1,3} = 0$$
Then we exhaust the values of $z_{1,3}$ until we get an IFA.
Reducing MixColumns Using K1 Relations (1/2)
We will force the K0-K1 relation to appear in the IFA equations. As in the previous step, we use the knowledge of $mk_{0,0}$ to clean $K_1$ and $S^{-1}(0)$:
Global Results
We by-pass the dual-execution countermeasure.
In 95.28% of cases we retrieve the whole algorithm specification with an average of ∼25k required faults.
With reasonable over-costs, we are able to extend our attack to two harder configurations:
1 Full-entropy MixColumns matrix: the MixColumns matrix is no longer circulant and is composed of 16 independent parameters. This new attack is valid in 99.99% of cases (instead of 95.28%).
2 Extended Rcon parameters: Rcon no longer depends on a unique value ρ; each round has its own independent value.
Future Works
Search for tricks in order to reduce the number of faults.
Extend the attack to the 5% remaining cases.
Adapt the attack when the fault is done on exclusive-or (⊕) operations instead of the table lookup.
Study the adaptability of this attack in the presence of different types of counter-measures.
Study how the knowledge of the key facilitates the attack (a decryption function available on the device gives the ability to find the key).
Questions
Thank you for your attention.
Any questions?
Proof: Only 255 MixColumns Candidates Remain
Proof.
$$\left.\begin{aligned} \tau(0) &= \frac{\mu_{1,i+4} \oplus \mu_{1,i+8}}{\alpha_3 * \beta^{p_1}} \\ \tau(0) &= \frac{\mu_{1,i+8} \oplus \mu_{1,i+12}}{\alpha_3 * \beta^{p_2}} \end{aligned}\right\} \Rightarrow \beta^{p_1 - p_2} = \frac{\mu_{1,i+4} \oplus \mu_{1,i+8}}{\mu_{1,i+8} \oplus \mu_{1,i+12}}$$
$$\Rightarrow \left(\frac{\alpha_{i?}}{\alpha_{j?}}\right)^{p_1 - p_2} = \frac{\mu_{1,i+4} \oplus \mu_{1,i+8}}{\mu_{1,i+8} \oplus \mu_{1,i+12}}$$
$$\Rightarrow \alpha_{i?}^{\,p_1 - p_2} = \frac{\mu_{1,i+4} \oplus \mu_{1,i+8}}{\mu_{1,i+8} \oplus \mu_{1,i+12}} * \alpha_{j?}^{\,p_1 - p_2}$$
255 valid pairs $(\alpha_{i?}, \alpha_{j?})$ remain. The relations already acquired extend this property to the other MixColumns parameters.
Remark: for each of the 255 candidates for the MixColumns parameters we are able to compute $\tau(0)$ and $\beta$, and then the whole sequence $(\tau(k))_{k=0,\dots,254}$.
Simulation's Oracle
We ran simulations using an oracle taking as input:
the parameters of the modified AES,
the round and S-Box position that is considered faulted,
the message we decide to play,
and giving back a boolean value indicating whether the fault was ineffective or not.
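The oracle described above, combined with the IFA fault model from the Ineffective Fault Analysis slide and the notation $\mu_i = k_{0,i} \oplus S^{-1}(0)$, as an added simulation example (not the authors' code): a stuck-at-0 fault on the round-0 SubBytes lookup is ineffective exactly when the S-box input equals $S^{-1}(0)$, so scanning one plaintext byte over 256 values recovers $\mu_i$, the key byte masked by the unknown preimage. The seeded secret S-box and round key are constructed assumptions for the simulation.

```python
import random

# Constructed secret AES-like components for the simulation (assumption, not the slides' cipher).
_rng = random.Random(2013)
SECRET_SBOX = list(range(256))
_rng.shuffle(SECRET_SBOX)                                  # secret bijective S-box S()
SECRET_K0 = bytes(_rng.randrange(256) for _ in range(16))  # secret round key K0
S_INV_0 = SECRET_SBOX.index(0)                             # S^{-1}(0), unknown to the attacker


def ifa_oracle(sbox, k0, position, message):
    """Simulation oracle: stuck-at-0 fault on the round-0 SubBytes table lookup
    at byte `position`. Returns True when the fault is ineffective (C' == C).
    Every later step of the cipher is a bijection, so the ciphertext is
    unchanged exactly when the faulted intermediate byte already equalled 0."""
    x = message[position] ^ k0[position]   # x_{0,i} = m_i XOR k_{0,i}
    correct = sbox[x]                      # S(x_{0,i}) in the fault-free run
    faulted = 0                            # lookup output stuck at 0
    return faulted == correct


def recover_mu(oracle, position):
    """Attacker view: vary only byte `position` of M over all 256 values and
    keep the one for which the oracle reports an ineffective fault. That value
    is mu_i = k_{0,i} XOR S^{-1}(0); the key byte alone is not revealed."""
    base = bytearray(16)                   # the other plaintext bytes are irrelevant here
    hits = []
    for candidate in range(256):
        base[position] = candidate
        if oracle(position, bytes(base)):
            hits.append(candidate)
    assert len(hits) == 1                  # S is a bijection: exactly one ineffective value
    return hits[0]


def recover_all_mu():
    """Recover mu_0 .. mu_15 with 256 faults per byte (4096 oracle queries)."""
    def oracle(position, message):
        return ifa_oracle(SECRET_SBOX, SECRET_K0, position, message)
    return [recover_mu(oracle, i) for i in range(16)]


if __name__ == "__main__":
    mu = recover_all_mu()
    print("recovered mu_i:", [f"{v:02x}" for v in mu])
    print("mu_i == k_{0,i} ^ S^-1(0) for all i:",
          all(mu[i] == SECRET_K0[i] ^ S_INV_0 for i in range(16)))
```

The recovered values match $k_{0,i} \oplus S^{-1}(0)$ byte for byte, which is why the later slides work with $\mu_i$ rather than with the round key directly.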