PB173 Domain specific development: side-channel analysis
Seminar 6: First Steps & CPA and DPA
Łukasz Chmielewski
chmiel@fi.muni.cz, Consultation: A406 Friday 9:00-11:00
Centre for Research on Cryptography and Security
www.fi.muni.cz/crocs

Example: Practical TEMPEST for $3000
• ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
  - https://eprint.iacr.org/2016/129.pdf
• E-M trace captured (across a wall)
Figure (a): Attacker's setup for capturing EM emanations. Left to right: power supply, antenna on a stand, amplifiers, software defined radio (white box), analysis computer.
Figure (b): Target (Lenovo 3000 N200), performing ECDH decryption operations, on the other side of the wall.

Example: Practical TEMPEST for $3000
• ECDH implemented in latest GnuPG's Libgcrypt
• Single chosen ciphertext - used operands directly visible

Finishing DES Parity Fail: What is wrong here?

    // Checks that every byte of the DES key has odd parity.
    public static boolean checkParity(byte[] key, int offset) {
        for (int i = 0; i < DES_KEY_LEN; i++) { // for all key bytes
            byte keyByte = key[i + offset];
            int count = 0;
            while (keyByte != 0) { // loop till no '1' bits left
                if ((keyByte & 0x01) != 0) {
                    count++; // increment for every '1' bit
                }
                keyByte >>>= 1; // shift right
            }
            if ((count & 1) == 0) { // not odd
                return false; // parity not adjusted
            }
        }
        return true; // all bytes were odd
    }

Groups
• Currently 3 groups (3+3+3)
• Weekly Code Development based on discussions.
  - Uploading code to GitHub. Everyone needs to commit!
  - Languages: Python, Julia, any
• Topics:
  - Standard Signal Processing, Alignment, Visualization, Efficient Attacks (CPA & DPA), Efficient Parallel Acquisition with ChipWhisperer, Signal Processing for Public Key Crypto.
• I will go through each group topic and discuss what to do.
• Then I will help later on.

Division
• Group 1: Tomas Re, Tomas Ro, Martin
  - Topic: Visualization
  - GitHub repository: please create
• Group 2: Michael T, Lubomir, Richard
  - Topic: Standard Processing
  - Are you still thinking about topic 5?
  - GitHub repository: +
• Group 3: Michal, Matus, Filip
  - Topic: Align
  - GitHub repository: +
• Extra people?

Organization
• Please register in IS: Side-Channel Topics
[Screenshot: IS topic list "Side-Channel Topics" showing the topics Align and Visualization, supervisor Lukasz Michal Chmielewski, PhD]

Group 3: Alignment
• Goals:
  - Correlation-based Alignment
  - Peak-Based Alignment
  - Optional: elastic versions
• Look at: AES_fixed_rand_input_CAFEBABEDEADBEEF0001020304050607+SAVE EVEN(0,1000)+MIS(100).trs
• First tasks:
  - Investigate cross-correlations in Python
  - See all the uploaded scripts
  - Especially SaveAs.py and correlation.py
• Main task - I will explain on the whiteboard.

Group 2: Visualization
• Displaying Traces
• Manual Manipulation of the traces
• Continuously investigating different traces
• First Task: implement displaying traces using 2-3 different libraries
  - Matplotlib, bokeh, search for more
  - Someone did some work on that. Have a look here, but it might be chaotic: https://github.com/nilswiersma/pywf/tree/master
• Main task - I will explain on the whiteboard.

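Correlation-based alignment, the first Group 3 goal, as an added example that is not one of the course scripts: a reference window is slid over each trace and the shift with the highest Pearson correlation is undone. The trace generator, window position, shift range and the 0.8 rejection threshold are assumptions, and the sample traces are constructed rather than read from the .trs file.

```python
import math
import random

def make_trace(delay, noise, seed, n=400):
    """Constructed sample: a windowed sine burst delayed by `delay` samples."""
    rng = random.Random(seed)
    return [math.sin((i - delay) / 7) * math.exp(-((i - delay - 200) / 40) ** 2)
            + rng.gauss(0, noise) for i in range(n)]

def pearson(a, b):
    """Pearson correlation of two equal-length windows (0.0 if one is flat)."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va > 0 and vb > 0 else 0.0

def best_shift(ref, trace, start, length, max_shift):
    """Slide the reference window over the trace; return (shift, correlation)."""
    window = ref[start:start + length]
    best = (0, -2.0)
    for s in range(-max_shift, max_shift + 1):
        lo = start + s
        if lo < 0 or lo + length > len(trace):
            continue  # candidate window would run off the trace
        c = pearson(window, trace[lo:lo + length])
        if c > best[1]:
            best = (s, c)
    return best

def align(ref, trace, start, length, max_shift, min_corr=0.8):
    """Return the trace shifted onto the reference, or None if no good match."""
    s, c = best_shift(ref, trace, start, length, max_shift)
    if c < min_corr:
        return None  # discard rather than feed a misaligned trace to CPA/DPA
    n = len(trace)
    # Undo the shift; samples that fall outside the trace are zero-padded.
    return [trace[i + s] if 0 <= i + s < n else 0.0 for i in range(n)]

if __name__ == "__main__":
    ref = make_trace(0, 0.0, seed=0)           # noise-free reference trace
    for d in (-100, -37, 58):                  # misalignment up to 100 samples
        t = make_trace(d, 0.05, seed=d + 200)
        print(d, best_shift(ref, t, 150, 100, 100))
```

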
Group 1: Standard Signal Processing
• Averaging, Standard Deviation
• Spectral Intensity, Spectrum (Frequencies)
• Correlation
• First Tasks:
  - Implement easy modules: average, standard deviation, histogram, absolute value
  - You can have a look at SaveAs.py and correlation.py
  - Try to implement computing the spectrum; some inspiration: https://realpython.com/python-scipy-fft/
• Main task - I will explain on the whiteboard.

Let's go back to ChipWhisperer
• Open the progress notebook
• Let's have a look at CPA and DPA

CPA explained on the example:
• https://github.com/newaetech/chipwhisperer-tutorials/blob/master/courses/sca101/SOLN_Lab%204_2%20-%20CPA%20on%20Firmware%20Implementation%20of%20AES-CWNANO-CWNANO.rst

Let's discuss your work
• Work in groups

Reading
• For interested people
• Side-Channel Analysis - blue book:
  - http://dpabook.iaik.tugraz.at/
  - The book is available at the uni.
  - Look online
• The Hardware Hacking Handbook:
  - https://nostarch.com/hardwarehacking
  - I have an epub version.

Questions?