Certified Side Channels

09/04/2019
by   Cesar Pereida García, et al.
0

We demonstrate that the format in which private keys are persisted impacts Side Channel Analysis (SCA) security. Surveying several widely deployed software libraries, we investigate the formats they support, how they parse these keys, and what runtime decisions they make. We uncover a combination of weaknesses and vulnerabilities, in extreme cases inducing completely disjoint multi-precision arithmetic stacks deep within the cryptosystem level for keys that otherwise seem logically equivalent. Exploiting these vulnerabilities, we design and implement key recovery attacks utilizing signals ranging from electromagnetic (EM) emanations, to granular microarchitecture cache timings, to coarse traditional wall clock timings.

READ FULL TEXT
research
08/13/2020

Déjà Vu: Side-Channel Analysis of Mozilla's NSS

Recent work on Side Channel Analysis (SCA) targets old, well-known vulne...
research
08/10/2021

Util::Lookup: Exploiting key decoding in cryptographic libraries

Implementations of cryptographic libraries have been scrutinized for sec...
research
09/29/2022

CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software

Cache side-channel attacks extract secrets by examining how victim softw...
research
09/14/2020

Biased RSA private keys: Origin attribution of GCD-factorable keys

In 2016, Svenda et al. (USENIX 2016, The Million-key Question) reported ...
research
07/11/2021

Fairer Software Made Easier (using "Keys")

Can we simplify explanations for software analytics? Maybe. Recent resul...
research
09/10/2022

Cache Refinement Type for Side-Channel Detection of Cryptographic Software

Cache side-channel attacks exhibit severe threats to software security a...
research
12/26/2018

Implementation of Simplex Channels in the Blom's Keys Pre-Distribution Scheme

In article the modification of the Blom's keys preliminary distribution ...

Please sign up or login with your details

Forgot password? Click here to reset