
Copyright 2007 Koren & Krishna, Morgan-Kaufman Part.21.1

FAULT TOLERANT SYSTEMS

http://www.ecs.umass.edu/ece/koren/FaultTolerantSystems

Part 21 – Cryptography

Chapter 9 – Fault Detection in Cryptographic Systems


Need for Fault Detection

♦Hardware implementations of ciphers are very sensitive to faults – a single fault results in a totally scrambled output

♦More importantly, by injecting faults and observing the outputs the secret key can be extracted

∗ Example of side-channel information – from the specific hardware/software implementation rather than crypto-analysis of the cipher

∗ Other examples of side-channel information: » power » timing


Types of Ciphers

♦A cipher encrypts a plaintext using a secret key, generating a ciphertext

♦The keys for encryption and decryption can be

∗ Identical – symmetric key ciphers

∗ Different – asymmetric key (or public key) ciphers

♦Symmetric key ciphers – simpler algorithm but shared key may be discovered

∗ Key must be changed periodically – new keys generated using a pseudo-random generator

∗ New keys must be distributed securely using a more secure cipher

♦Public key ciphers – more complex algorithm and harder to break


Symmetric key ciphers

♦DES (Data Encryption Standard)

∗ 64-bit plaintext and 56-bit key

♦AES (Advanced Encryption Standard)

∗ 128-bit plaintext and 128- to 256-bit key

♦Higher security provided by

∗ Longer key

∗ Longer plaintext

♦Encryption process must be reversible to allow decryption

♦Encryption attempts to scramble the plaintext as much as possible


Data Encryption Standard (DES)

♦Encryption has 16 identical rounds, each uses a different 48-bit round-key K

♦Round – Feistel function:

∗ Divide plaintext into 2 halves B1 and B2

∗ B1 unchanged, B2 added (mod-2) to F(B1,K)

∗ One-way hash function that takes a long input and produces a fixed-length output and is hard to reverse

∗ B1 and B2 are swapped

$$B_1' = B_2 + F(B_1, K); \quad B_2' = B_1$$


Key Schedule for DES

♦Original 64-bit key has 8 parity bits

∗ "Permuted Choice 1" selects 56 bits

∗ Split into two 28-bit halves, each rotated to the left (<<<) by 1 or 2 bits

∗ "Permuted Choice 2" selects 24 from each half to generate the round key


Feistel Function in DES

♦(1) Expansion: 32 to 48 bits – permutation that duplicates some bits

♦(2) Add Key – add mod-2 the 48-bit round key

♦(3) Substitution – 8 groups of 6 bits into Sboxes (lookup table) each generating 4 bits using a non-linear transformation

♦(4) Permutation


Triple DES

♦A specially designed circuit succeeded in breaking DES in less than 24 hours

♦The security can be increased by using Triple DES – applying DES 3 times

∗ Version 1 – use 3 different keys for total of 168 bits

∗ Version 2 – use 112-bit key

♦Has been replaced by AES in 2002

♦Still, often used in the Triple DES form


Advanced Encryption Standard (AES)

♦128-bit plaintext represented as 4×4 matrix of bytes $S_{i,j}$ $(i,j = 0,1,2,3)$

♦Four steps each round

∗ 9, 11, 13 rounds ⇔ 128-, 192-, 256-bit key

[Figure: AES encryption flow. Plain Text → Initial Round (XorRoundKey) → Inner Round, repeated 9, 11 or 13 times¹ (SubBytes, ShiftRows, MixColumns, XorRoundKey) → Final Round (SubBytes, ShiftRows, XorRoundKey) → Encrypted Text. Round keys come from the Key Scheduler (or round key table).]

¹ Number of iterations depends on key size


Four steps in a Round

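♦SubBytes: 8-bit lookup table – SBox

♦ShiftRows: shifting rows by 0,1,2,3 bytes –

$$S = \begin{pmatrix} s_{0,0} & s_{0,1} & s_{0,2} & s_{0,3} \\ s_{1,1} & s_{1,2} & s_{1,3} & s_{1,0} \\ s_{2,2} & s_{2,3} & s_{2,0} & s_{2,1} \\ s_{3,3} & s_{3,0} & s_{3,1} & s_{3,2} \end{pmatrix}$$

♦MixColumns: $\alpha = x = 02_{16}$; $\beta = x+1 = 03_{16}$, ⊗ and ⊕ are mod-2 multiply and add modulo AES generator polynomial $g(x) = x^8 + x^4 + x^3 + x + 1$

$$\begin{aligned}
s'_{0,j} &= (\alpha \otimes s_{0,j}) \oplus (\beta \otimes s_{1,j}) \oplus s_{2,j} \oplus s_{3,j} \\
s'_{1,j} &= s_{0,j} \oplus (\alpha \otimes s_{1,j}) \oplus (\beta \otimes s_{2,j}) \oplus s_{3,j} \\
s'_{2,j} &= s_{0,j} \oplus s_{1,j} \oplus (\alpha \otimes s_{2,j}) \oplus (\beta \otimes s_{3,j}) \\
s'_{3,j} &= (\beta \otimes s_{0,j}) \oplus s_{1,j} \oplus s_{2,j} \oplus (\alpha \otimes s_{3,j})
\end{aligned}$$

♦AddRoundKey: Adding round subkey mod-2

♦In the last round MixColumns omitted

♦Prior to 1st round – 1st subkey is added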


AES key Schedule

♦ Nr=10,12,14 rounds

♦ Nk=4,6,8 words in plaintext

$$R_{con}[j] = [x^{j-1}, 00, 00, 00]$$


Example

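Plaintext = 32 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34

128-bit key = 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c

♦ MixColumns:

$$s'_{0,0} = (\alpha \otimes s_{0,0}) \oplus (\beta \otimes s_{1,0}) \oplus s_{2,0} \oplus s_{3,0} = (02 \otimes \mathrm{d4}) \oplus (03 \otimes \mathrm{bf}) \oplus \mathrm{5d} \oplus 30 = \mathrm{1a8} \oplus \mathrm{1c1} \oplus \mathrm{5d} \oplus 30 = 04$$

$$s'_{1,0} = s_{0,0} \oplus (\alpha \otimes s_{1,0}) \oplus (\beta \otimes s_{2,0}) \oplus s_{3,0} = \mathrm{d4} \oplus (02 \otimes \mathrm{bf}) \oplus (03 \otimes \mathrm{5d}) \oplus 30 = \mathrm{d4} \oplus \mathrm{17e} \oplus \mathrm{e7} \oplus 30 = \mathrm{17d}$$

$$\mathrm{17d} \bmod g(x) = \mathrm{7d} \oplus (x^4 + x^3 + x + 1) = \mathrm{7d} \oplus \mathrm{1b} = 66$$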


Effect of Errors

♦ Plaintext: 32 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34

♦ 128-bit key: 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c

♦ Ciphertext: 39 25 84 1d 02 dc 09 fb dc 11 85 97 19 6a 0b 32

♦ A single error in the plaintext: 30 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34

♦ Results in the ciphertext: c0 06 27 d1 8b d9 e1 19 d5 17 6d bc ba 73 37 c1

♦ A single error in the key: 2a 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c

♦ Results in the ciphertext: c4 61 97 9e e4 4d e9 7a ba 52 34 8b 39 9d 7f 84

♦ A single-bit error results in a totally scrambled output


Public Key Ciphers

♦ Instead of a shared secret key, the sender and recipient have a public key and a private key

∗ Private key remains secret while the public key is distributed

∗ One key locks a safe, the other key is needed to unlock

∗ A uses B's public key to encrypt a message which B decrypts with his private key

♦ Another application – sender authentication

∗ A encrypts a message with her private key

∗ If B succeeds in decrypting the message B is assured that A sent it

♦ Two commonly used ciphers

∗ RSA (Rivest, Shamir, Adleman) – based on the difficulty of factoring a large integer into prime factors

∗ ECC (Elliptic Curve Cryptography) – based on the difficulty of calculating the discrete logarithm – calculate b from $c = a^b$

∗ Security provided relies on the difficulty of finding the secret key and having to use exhaustive search


RSA Cipher

♦A generates keys:

∗ Select p,q large prime numbers (at least hundred digits) and denote N=pq

∗ Select a small odd integer e relatively prime (only common factor is 1) to $\varphi(N) = (p-1)(q-1)$

∗ Find integer d so that $de = 1 \pmod{\varphi(N)}$

∗ (e,N) – public key; (d,N) – private key

♦B wants to send A a message M

∗ B encrypts M using A's public key: $S = M^e \bmod N$

» M is restricted to 0 ≤ M ≤ N-1

∗ A decrypts using private key d - $S^d \bmod N = M^{ed} \bmod N = M$


RSA Cipher - Example

♦p=7; q=11 ⇒ N=77; $\varphi(N) = 6 \times 10 = 60$

♦Select e=7 (relatively prime to 60)

♦d=43 since 7×43=301=1 mod 60

♦B wants to send M=9

∗ B encrypts using the public key (e,N)=(7,77) – $9^7 \bmod 77 = 4782969 \bmod 77 = 37$

♦We decrypt using the private key (d,N)=(43,77) - $37^{43} \bmod 77 = 9$


Security Attacks using Side-Channel Information

♦ Information obtained from physical implementation:

∗ Timing – time needed to encrypt may depend on bits of key

∗ Power – power profile may depend on bits of the key

∗ Attacker narrows the range of values to be attempted

♦ Protection schemes

∗ Inject random # of useless instructions scrambling relation between key & time – also helps against power attacks

∗ Designs with data-independent delay or dual-rail logic (consume same power for all keys)

∗ These techniques incur delay and/or power penalties

♦ Another attack – by injecting faults

∗ Vary the supply voltage – generate a spike

∗ Vary the clock frequency – generate a glitch

∗ Overheat the device

∗ Expose to intense light – camera flash or precise laser beam

∗ Faults injected into a byte or a few bits


Fault Attacks on Symmetric Cipher - DES

♦Assume:

∗ Secret key transferred from EEPROM to memory

∗ Attacker can reset an entire byte of the key

∗ Fault can be injected at precise time (use power profile)

♦8 steps

∗ Encrypt known plaintext with a number of bytes forced to 0

∗ Based on $S_7$, 1st byte of key found (trying 128 combinations)

♦Another attack:

∗ Cause instruction to fail using clock glitch

∗ E.g., execute only one or two rounds simplifying key extraction

∗ Can also be used against AES (even software implementation)


Fault Attacks on RSA

♦Only decryption is subject to attacks

♦Assume:

∗ 1. Attacker can flip a single bit in key d

∗ 2. S and corresponding message M known to attacker

∗ Decryption device generates $\hat{M}$ satisfying $\frac{\hat{M}}{M} = \frac{S^{2^i \hat{d}_i}}{S^{2^i d_i}} \bmod N$

∗ If $\frac{\hat{M}}{M} = \frac{1}{S^{2^i}} \bmod N$ then $d_i = 1$

∗ If $\frac{\hat{M}}{M} = S^{2^i} \bmod N$ then $d_i = 0$

∗ Similarly – flip a bit in S or flip two or more bits

♦ Example: (e,N)=(7,77), d=43 $(d_5 d_4 d_3 d_2 d_1 d_0 = 101011_2)$

∗ Ciphertext=37 producing M=9 if no fault is injected and $\hat{M} = 67$ if a fault is injected

∗ Search for i such that $9 = (67 \cdot 37^{2^i}) \bmod 77$: i=3 since $(67 \cdot 37^8) \bmod 77 = (67 \cdot 53) \bmod 77 = 9$ $(d_3 = 1)$


Countermeasures

♦Must first detect injected fault, then prevent attacker from observing the erroneous output

∗ Block the output (e.g., generate all zeroes output)

∗ Produce a random output misleading the attacker

♦Two approaches:

∗ 1. Duplicate encryption (decryption) process (hardware or time redundancy) and compare results – injected faults transient and will manifest differently

∗ Spatial duplication – redundant encryption unit or use decryption unit & compare to original plaintext

∗ Temporal duplication – reuse hardware or re-execute software

∗ 2. Use error-detection codes – require smaller overhead but possibly a lower coverage
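
The detect-then-block countermeasure applied to RSA decryption, as an added example that is not part of the original slides. It reuses the toy key (e,N)=(7,77), d=43 and ciphertext 37 from the RSA example; the `flip_bit` fault model and all function names are assumptions made for the illustration.

```python
# Added example: detect a faulty RSA decryption and block the output.
E, N, D = 7, 77, 43   # toy key from the slides: (e,N)=(7,77), d=43
BLOCKED = 0           # "all zeroes" output released when a fault is detected

def decrypt(s, flip_bit=None):
    """S^d mod N. flip_bit models a transient single-bit fault in d
    (an assumed fault model for this demo, not a real device interface)."""
    d = D if flip_bit is None else D ^ (1 << flip_bit)
    return pow(s, d, N)

def guarded_decrypt(s, flip_bit=None):
    """Re-encrypt the result and compare with S before releasing it."""
    m = decrypt(s, flip_bit)
    return m if pow(m, E, N) == s else BLOCKED

def temporal_duplicate(s, flip_bit=None):
    """Time redundancy: decrypt twice and compare. The fault is transient,
    so only the first run is disturbed."""
    first, second = decrypt(s, flip_bit), decrypt(s)
    return first if first == second else BLOCKED

def coverage(s=37, key_bits=6):
    """Number of single-bit faults in d caught by each check."""
    re_enc = sum(guarded_decrypt(s, i) == BLOCKED for i in range(key_bits))
    dup = sum(temporal_duplicate(s, i) == BLOCKED for i in range(key_bits))
    return re_enc, dup

if __name__ == "__main__":
    print(decrypt(37), decrypt(37, 3), guarded_decrypt(37, 3), coverage())
```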


Error Detecting Codes (EDCs)

♦ First generate check bits

♦ For each operation within encryption predict check bits

♦ Periodically compare predicted check bits to generated ones

♦ Predicting check bits for each operation - most complex step

∗ Should be compared to duplication

♦ Examples of EDC – parity based and residue checks

♦ Can be applied at different levels – word, byte, nibble


Parity-based Code for AES

♦ Operations operate on bytes so byte-level parity is natural

♦ ShiftRows: rotating the parity bits

♦ AddRoundKey: add parity bits of state to those of key

♦ SubBytes: Expand Sbox to 256×9 – add output parity bit; to propagate incoming errors (rather than having to check) expand to 512×9 – put incorrect parity bit for inputs with incorrect parity

♦ MixColumns: The expressions are:

$$\begin{aligned}
p'_{0,j} &= p_{0,j} \oplus p_{2,j} \oplus p_{3,j} \oplus s^{(7)}_{0,j} \oplus s^{(7)}_{1,j} \\
p'_{1,j} &= p_{0,j} \oplus p_{1,j} \oplus p_{3,j} \oplus s^{(7)}_{1,j} \oplus s^{(7)}_{2,j} \\
p'_{2,j} &= p_{0,j} \oplus p_{1,j} \oplus p_{2,j} \oplus s^{(7)}_{2,j} \oplus s^{(7)}_{3,j} \\
p'_{3,j} &= p_{1,j} \oplus p_{2,j} \oplus p_{3,j} \oplus s^{(7)}_{3,j} \oplus s^{(7)}_{0,j}
\end{aligned}$$

where $s^{(7)}_{i,j}$ is the msb of the state byte in position i,j

[Figure: Transformation Input (input state matrix) → Transformation → Transformation Result (output state matrix) → Parity Bit(s); in parallel, Parity Prediction → Predicted Parity Bit(s)]


AES – Scheduling of Checks

♦Comparing predicted to generated parity bits

∗ After each operation

∗ After each round

∗ At end of encryption – smallest hardware & time overheads

» Does not mask error indication

[Figure: check placement at the Transformation level (SubBytes, ShiftRows, MixColumns, XorRoundKey), the Round level, or the Encryption level]


AES - Coverage

♦Coverage – parity codes detect odd-order faults

∗ Even-order faults in same byte – not detected

∗ If multiple faults are injected – overall coverage > 99%

♦EDCs can be used for other ciphers including public key ciphers

∗ RSA uses modular arithmetic – residue check is most appropriate
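
The MixColumns arithmetic and its byte-level parity prediction, as an added example that is not part of the original slides. It runs on the state column d4 bf 5d 30 from the MixColumns example and then injects two constructed faults to show the coverage limit stated above; the function names and the fault positions are assumptions made for the illustration.

```python
# Added example: parity prediction for AES MixColumns (not the slides' code).
COLUMN = [0xD4, 0xBF, 0x5D, 0x30]  # state column from the MixColumns example

def xtime(a):
    """alpha (x) a, reduced modulo g(x) = x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def mix_column(s):
    """s'_i = (alpha*s_i) + (beta*s_{i+1}) + s_{i+2} + s_{i+3}, indices mod 4."""
    return [xtime(s[i]) ^ xtime(s[(i + 1) % 4]) ^ s[(i + 1) % 4]
            ^ s[(i + 2) % 4] ^ s[(i + 3) % 4] for i in range(4)]

def parity(byte):
    return bin(byte).count("1") & 1

def predict_parity(s):
    """Output parities from input parities and input msbs only:
    p'_i = p_i + p_{i+2} + p_{i+3} + msb_i + msb_{i+1}, indices mod 4."""
    p = [parity(b) for b in s]
    msb = [b >> 7 for b in s]
    return [p[i] ^ p[(i + 2) % 4] ^ p[(i + 3) % 4] ^ msb[i] ^ msb[(i + 1) % 4]
            for i in range(4)]

def parity_ok(column_out, predicted):
    """Compare generated parity bits with the predicted ones."""
    return [parity(b) for b in column_out] == predicted

def demo():
    out = mix_column(COLUMN)
    pred = predict_parity(COLUMN)
    one_bit = out[:]
    one_bit[1] ^= 0x08   # constructed single-bit fault in the output
    two_bit = out[:]
    two_bit[1] ^= 0x18   # constructed 2-bit fault in the same byte
    return out, parity_ok(out, pred), parity_ok(one_bit, pred), parity_ok(two_bit, pred)

if __name__ == "__main__":
    out, clean, odd, even = demo()
    print([f"{b:02x}" for b in out], clean, odd, even)
```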


Fault Detection is not always sufficient

♦ Example – RSA

♦ Can be protected against fault injection using residue check or encrypting M & comparing to S

♦ Is vulnerable to power analysis – more power consumed if $d_i = 1$

♦ Modified to use same power and has fault detection

♦ Still vulnerable to fault injection

♦ Inject fault in calculation of b – if correct M, one bit of d is deduced


Montgomery-step Algorithm

♦ Intermediate values of a & b are used and an injected fault will be detected

♦ Provides another way to detect faults: a & b must be of form (M,SM)

♦ Checking this relation detects most faults except – bits of d or number of loop iterations – these can be checked with EDC


AES - Successful Attack even if Faults detected

♦Provide all-zero input to AES encryption

♦In initial round key is added – state=key

♦Before SubBytes inject a stuck-at-0 fault into bit l

∗ If result is correct then bit l of key is 0

♦Attack is complicated – exact timing and precise location of fault and fault type

♦Even if strict timing and location are not practical – repeating the experiment many times will allow extracting the secret key

