Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces

Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces

Locating a cryptographic operation in a side-channel trace, i.e. finding out where it is in the time domain, without having a template, can be a tedious task even for unprotected implementations. The sheer amount of data can be overwhelming. In a simple call to OpenSSL for AES-128 ECB encryption of...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Jens Trautmann, Arthur Beckers, Lennert Wouters, Stefan Wildermann, Ingrid Verbauwhede, Jürgen Teich
Formato: article
Lenguaje:EN
Publicado: Ruhr-Universität Bochum 2021
Materias:
Side-channel analysis
locating of cryptographic operations
Computer engineering. Computer hardware
TK7885-7895
Information technology
T58.5-58.64
Acceso en línea:https://doaj.org/article/05196398c9a2470ba65a73ade5478921
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:05196398c9a2470ba65a73ade5478921
record_format dspace
spelling oai:doaj.org-article:05196398c9a2470ba65a73ade54789212021-11-19T14:36:10ZSemi-Automatic Locating of Cryptographic Operations in Side-Channel Traces10.46586/tches.v2022.i1.345-3662569-2925https://doaj.org/article/05196398c9a2470ba65a73ade54789212021-11-01T00:00:00Zhttps://tches.iacr.org/index.php/TCHES/article/view/9300https://doaj.org/toc/2569-2925 Locating a cryptographic operation in a side-channel trace, i.e. finding out where it is in the time domain, without having a template, can be a tedious task even for unprotected implementations. The sheer amount of data can be overwhelming. In a simple call to OpenSSL for AES-128 ECB encryption of a single data block, only 0.00028% of the trace relate to the actual AES-128 encryption. The rest is overhead. We introduce the (to our best knowledge) first method to locate a cryptographic operation in a side-channel trace in a largely automated fashion. The method exploits meta information about the cryptographic operation and requires an estimate of its implementation’s execution time. The method lends itself to parallelization and our implementation in a tool greatly benefits from GPU acceleration. The tool can be used offline for trace segmentation and for generating a template which can then be used online in real-time waveformmatching based triggering systems for trace acquisition or fault injection. We evaluate it in six scenarios involving hardware and software implementations of different cryptographic operations executed on diverse platforms. Two of these scenarios cover realistic protocol level use-cases and demonstrate the real-world applicability of our tool in scenarios where classical leakage-detection techniques would not work. The results highlight the usefulness of the tool because it reliably and efficiently automates the task and therefore frees up time of the analyst. The method does not work on traces of implementations protected by effective time randomization countermeasures, e.g. random delays and unstable clock frequency, but is not affected by masking, shuffling and similar countermeasures. Jens TrautmannArthur BeckersLennert WoutersStefan WildermannIngrid VerbauwhedeJürgen TeichRuhr-Universität BochumarticleSide-channel analysislocating of cryptographic operationsComputer engineering. Computer hardwareTK7885-7895Information technologyT58.5-58.64ENTransactions on Cryptographic Hardware and Embedded Systems, Vol 2022, Iss 1 (2021)
institution DOAJ
collection DOAJ
language EN
topic Side-channel analysis
locating of cryptographic operations
Computer engineering. Computer hardware
TK7885-7895
Information technology
T58.5-58.64
spellingShingle Side-channel analysis
locating of cryptographic operations
Computer engineering. Computer hardware
TK7885-7895
Information technology
T58.5-58.64
Jens Trautmann
Arthur Beckers
Lennert Wouters
Stefan Wildermann
Ingrid Verbauwhede
Jürgen Teich
Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces
description Locating a cryptographic operation in a side-channel trace, i.e. finding out where it is in the time domain, without having a template, can be a tedious task even for unprotected implementations. The sheer amount of data can be overwhelming. In a simple call to OpenSSL for AES-128 ECB encryption of a single data block, only 0.00028% of the trace relate to the actual AES-128 encryption. The rest is overhead. We introduce the (to our best knowledge) first method to locate a cryptographic operation in a side-channel trace in a largely automated fashion. The method exploits meta information about the cryptographic operation and requires an estimate of its implementation’s execution time. The method lends itself to parallelization and our implementation in a tool greatly benefits from GPU acceleration. The tool can be used offline for trace segmentation and for generating a template which can then be used online in real-time waveformmatching based triggering systems for trace acquisition or fault injection. We evaluate it in six scenarios involving hardware and software implementations of different cryptographic operations executed on diverse platforms. Two of these scenarios cover realistic protocol level use-cases and demonstrate the real-world applicability of our tool in scenarios where classical leakage-detection techniques would not work. The results highlight the usefulness of the tool because it reliably and efficiently automates the task and therefore frees up time of the analyst. The method does not work on traces of implementations protected by effective time randomization countermeasures, e.g. random delays and unstable clock frequency, but is not affected by masking, shuffling and similar countermeasures.
format article
author Jens Trautmann
Arthur Beckers
Lennert Wouters
Stefan Wildermann
Ingrid Verbauwhede
Jürgen Teich
author_facet Jens Trautmann
Arthur Beckers
Lennert Wouters
Stefan Wildermann
Ingrid Verbauwhede
Jürgen Teich
author_sort Jens Trautmann
title Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces
title_short Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces
title_full Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces
title_fullStr Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces
title_full_unstemmed Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces
title_sort semi-automatic locating of cryptographic operations in side-channel traces
publisher Ruhr-Universität Bochum
publishDate 2021
url https://doaj.org/article/05196398c9a2470ba65a73ade5478921
work_keys_str_mv AT jenstrautmann semiautomaticlocatingofcryptographicoperationsinsidechanneltraces
AT arthurbeckers semiautomaticlocatingofcryptographicoperationsinsidechanneltraces
AT lennertwouters semiautomaticlocatingofcryptographicoperationsinsidechanneltraces
AT stefanwildermann semiautomaticlocatingofcryptographicoperationsinsidechanneltraces
AT ingridverbauwhede semiautomaticlocatingofcryptographicoperationsinsidechanneltraces
AT jurgenteich semiautomaticlocatingofcryptographicoperationsinsidechanneltraces
_version_ 1718420051788300288

Ejemplares similares