Breaking Crypto
For Dummies
Nikita Abdullin @
• @0xABD Abdullin@riscure.com
• Background: fintech, payment security
• Security analyst @ Riscure, evaluating payment tech
• Who is Riscure?
• Security lab in the Netherlands & USA
• 80 hackers working on:
• Security test tools
• Security test services
• We host the #RHme & #RHme2 hardware CTFs!
• rhme.riscure.com
• 500 players from 49 countries this year
About me
Cryptography Crash Course
Attacks on (Software) Crypto
Side Channel Attacks
Fault Injection Attacks
DEMO
Conclusions
Agenda
• Some history: how did people use and break cryptography?
• Black room == Mallory peeks in the room == broken
• “Cabinet noir”
• Black box == Mallory peeks in the box == broken
• Commercial encryption machines
• Kerckhoffs's principle == Mallory has the key == broken
• …
• The present day:
• All of the above
• Internal state == Key
• ???
Cryptography Crash Course
• Black box
Cryptography Crash Course
[Figure labels: Observe, Alter, Encrypt, Decrypt]
• Grey box
Cryptography Crash Course
[Figure labels: Observe, Alter, Encrypt, Decrypt]
• White box
Cryptography Crash Course
[Figure labels: Observe, Alter, Encrypt, Decrypt]
• Black box == Attacker cannot look inside
• Grey box == Attacker can see something* inside and/or influence it
• White box == Attacker has full control
Cryptography Crash Course
• What is cryptography, when implemented in hardware and software?
• Start with a Black box
• Inputs
• Data
• Key
• Output
Cryptography Crash Course
[Figure labels: Input, Key, Output]
• Crypto is executed by a machine
• Sometimes, a “weird machine” (Sergey Bratus et al., 2011)
• http://langsec.org/papers/Bratus.pdf
Cryptography Crash Course
[Figure labels: Unintended functionality; Normal, intended functionality; Unintended states; Normal, intended states]
• What is cryptography, when implemented in hardware and software?
• Symmetric crypto
• Done in (simple) steps – rounds
• Key schedule
• Use a new key every round
• Linear operations (aka affine transformations)
• Matrix operations
• Register arithmetic: SHIFT XOR ADD OR AND NOT …
• Non-linear operations
• Table lookups (aka Look-Up Tables “LUT” aka S-boxes, …)
Cryptography Crash Course
• What is cryptography, when implemented in hardware and software?
• Asymmetric crypto
• Arithmetic on looooong numbers (> 4x wider than our CPU regs)
• Modular arithmetic
• Various optimizations to make it fit into register width
• Various hacks to make it faster
Cryptography Crash Course
Breaking Modern Cryptography
Images (c) by Vasya Lozhkin http://vasya-lozhkin.ru/
Breaking Modern Cryptography
The hipster way:
• Classic Cryptanalysis
• Linear Cryptanalysis
• Differential Cryptanalysis
• Formal verification of protocols
• …
• “3-AES will probably never be cryptanalyzed”
Breaking Modern Cryptography
• Symmetric crypto:
• Current view on computational complexity (Joan Daemen, 2016):
• 80 bits: lightweight
• 96 bits: solid
• 128 bits: secure for the foreseeable future
• 256 bits: for the clueless
Breaking Modern Cryptography
The brutal way:
1. Make assumptions on the internal state of the cipher
2. Guess the state / edit the state
3. Guessed/new state depends on key (and data)
4. Measure & Calculate the key
• Adjust your assumptions
Grey box model – the attacker can see through the box and touch it
Breaking Modern Cryptography
The brutal way:
• Side Channel Analysis (SCA)
• Timing analysis
• Power analysis
• Simple power analysis (SPA)
• Differential power analysis (DPA)
• Correlation power analysis (CPA)
• …
• Fault Injection (FI)
• Differential fault analysis
• …
Side-channel Basics
Image source: www.wikihow.com
Side-channel Basics
[Figure: PIN guesses ????, 8???, 82??, 827?; PIN 8275]
Example: PIN Verification and power measurements (traces)
• Observe the whole cryptosystem
• Find what is leaking (and, preferably, where)
• Time
• Power consumption
• Electromagnetic field
• Light / Sound / Temperature / …
• …
• Make an assumption on the dependencies between secret state and observable state
• Leakage model
• Process the observation data & Get the key
Side-channel Basics
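The PIN verification slide and the "leakage model" step above come down to this: an early-exit comparison does an amount of work that depends on how many leading digits are correct. The following is an added example, not code from the slides: a leaky verifier beside a constant-time one, plus a leakage check a developer can run. The `work` counter is a constructed stand-in for a timing or power measurement, and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PIN_LEN 4

/* Constructed observable: number of digit comparisons executed by the last
 * check. On a device the same quantity shows up as time or trace length. */
static unsigned work;

typedef int (*pin_check_fn)(const uint8_t *, const uint8_t *);

/* Leaky: returns at the first wrong digit, so work = correct prefix + 1. */
int pin_check_leaky(const uint8_t *stored, const uint8_t *guess)
{
    work = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        work++;
        if (stored[i] != guess[i])
            return 0;
    }
    return 1;
}

/* Hardened: touches every digit and folds the differences together
 * without any secret-dependent branch or early return. */
int pin_check_ct(const uint8_t *stored, const uint8_t *guess)
{
    uint8_t diff = 0;
    work = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        work++;
        diff |= (uint8_t)(stored[i] ^ guess[i]);
    }
    /* diff == 0 -> 1, anything else -> 0, computed arithmetically. */
    return (int)(1u & (((unsigned)diff - 1u) >> 8));
}

/* Leakage check: submit guesses with 0..PIN_LEN-1 correct leading digits
 * and count how many distinct values the observable takes. A result of 1
 * means the observable does not depend on the secret prefix. */
unsigned distinct_work_levels(pin_check_fn check, const uint8_t *stored)
{
    unsigned seen[PIN_LEN + 1] = {0};
    unsigned levels = 0;

    for (size_t ok = 0; ok < PIN_LEN; ok++) {
        uint8_t guess[PIN_LEN];
        for (size_t i = 0; i < PIN_LEN; i++)
            guess[i] = (i < ok) ? stored[i] : (uint8_t)((stored[i] + 1) % 10);
        (void)check(stored, guess);
        if (!seen[work]) {
            seen[work] = 1;
            levels++;
        }
    }
    return levels;
}

int main(void)
{
    const uint8_t pin[PIN_LEN] = {8, 2, 7, 5}; /* PIN shown in the slide's figure */

    printf("leaky:         %u distinct work levels\n",
           distinct_work_levels(pin_check_leaky, pin));
    printf("constant-time: %u distinct work level(s)\n",
           distinct_work_levels(pin_check_ct, pin));
    return 0;
}
```

A constant-time comparison removes this particular dependency only; a PIN verifier also needs a retry counter that is updated before the comparison runs.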
• Why does it leak? A hardware circuit is more complex than its schematics
• Each switch (=bit) draws power when flipped (clocked)
• The power consumption of a register is a function of its data (state)
• Same for EM / temperature / other energy emissions
Side-channel Basics
• Every wire is an antenna
• Every loop is a coil
• Works both ways (see later)
• Noise is (usually) random/uniform, correctly modeled leakage is not
• Acquire more measurements (traces)
• Noise cancels itself, but data dependencies are amplified
• Only if the leakage model is correct; otherwise the leakage becomes noise too
Side-channel Basics
• For pure software, every shared hardware resource leaks
• CPU caches
• CPU branch predictor
• Any resource of the memory controller
• …
• https://scholar.google.com/scholar?q=cross+vm+side+channel+attack
• Lipp, M., Gruss, D., Spreitzer, R., & Mangard, S. (2015). Armageddon: Last-level cache attacks on mobile devices. arXiv preprint arXiv:1511.04897.
• https://www.blackhat.com/docs/eu-16/materials/eu-16-Lipp-ARMageddon-How-Your-Smartphone-CPU-Breaks-Software-Level-Security-And-Privacy.pdf
• https://github.com/IAIK/armageddon
Side-channel Basics
• How to perform actual SCA attacks?
1. Acquisition of many traces – extracting leakage out of the box
2. Signal processing – leaving the good things
3. Statistical analysis of the trace set
Side-channel Basics
Side-channel Basics
[Figure: measurement setup with Embedded System and Current Probe: (1) arm, (2) command, (3) trigger, (4) measurement, (5) acquisition, (6) response, (7) attack]
• Acquisition of many traces
• Proper equipment
• Proper setup
• Or, “Garbage in – Garbage Out”
Side-channel Basics
• Signal processing
• Filtering
• Alignment
• Resampling
• Cut/paste
• Bucket
Side-channel Basics
• Statistical analysis of the trace set
• First-order analysis – single point on a trace vs. model
• Differential
• Correlation
• Higher-order analysis – multiple points on a trace vs. model
• Works against protected implementations
• Other attacks
Side-channel Basics
• Statistical analysis of the trace set – How?
• FOSS tools: https://github.com/SideChannelMarvels
• Entry-level hardware: ChipWhisperer
• Commercial tools: Riscure Inspector
Side-channel Basics
• Further reading
• ZeroNights 2014, Roman Korkikyan, “Deriving cryptographic keys via power consumption”
• http://2014.zeronights.org/assets/files/slides/korkikyan.pdf
Side-channel Basics
• Hardware is FRAGILE
• Introduce glitches in power supply
• Introduce glitches in CLK
• Directly supply energy to parts of the chip
• Laser
• EM field
• Invasive techniques
• Edit & Probe the silicon
Fault injection Basics
• Cryptography is FRAGILE
• Errors propagate
• State depends on the key (and data)
• (Error+State) propagates too
• Output is now more a function of a key than before
• Sometimes, a single-bit flip = key extracted
• Most of the time = solve a system of (linear) equations
Fault injection Basics
• Why does symmetric crypto fail under FI?
• Magic does not happen at once
• Symmetric crypto is done in rounds
• Data (fault) propagation per round is limited
• Faults in state remove data dependencies
• Key is linearly combined with the faulty state
Fault injection Basics
• Why does asymmetric crypto fail under FI?
• All assumptions fail
• Prime numbers become composite with a single bit flip
• Points on a strong ECC curve become points on weaker curves
• …
Fault injection Basics
• Side Channel and Fault Injection → the gray box scenario
• A hardware black box does not protect the state (the key)
• Even gray boxes are no longer sufficient to secure the current ecosystem
• Hardware is not free and cannot be delivered over the wire
• Can we make cryptography secure on untrusted hardware?
• Mobile (Payments/Banking/HCE)
• Content Protection (DRM)
• …
• How to hide the key in plain sight of the attacker?
White-box Cryptography Basics
• Assumptions:
• Even the hardware is now untrusted
• The attacker can read the code AND the key
• Can it still be secure?
• Let’s mix the key in the algorithm. Code == Key
• Tables
• Dark magic
• Tables & dark magic
• And obfuscate the code, make the white-box self-aware
• To avoid key extraction and arbitrary code reuse (lifting)
White-box Cryptography Basics
White-box Cryptography Basics
Images (c) Brecht Wyseur http://www.whiteboxcrypto.com/
• White-boxed algorithms
• DES
• AES
• RSA
• ECC
• SHA256, SHA256-HMAC
• …
• Fight magic with magic?
Breaking White-box Cryptography
• Fight magic with magic…
Breaking White-box Cryptography
• Fight magic with magic…
• Or apply brutal hardware attacks
• Naïve white-box implementations do not solve the gray-box problems
• If crypto happens, the state is there
• If crypto happens, the fragile parts are there, too
Breaking White-box Cryptography
• Eloi Sanfelix, Cristofaro Mune, Job de Haas, “Unboxing the White-Box”, BH EU 2015
• https://www.blackhat.com/docs/eu-15/materials/eu-15-Sanfelix-Unboxing-The-White-Box-Practical-Attacks-Against-Obfuscated-Ciphers-wp.pdf
• Joppe W Bos, Charles Hubain, Wil Michiels, Philippe Teuwen, “Differential Computation Analysis: Hiding your White-Box Designs is Not Enough”
• https://eprint.iacr.org/2015/753
Breaking White-box Cryptography
• Side-channel attacks on WBC
• Run on “hardware”
• attack as if it was a pure hardware cipher
• – What is leaking? – Everything!
• Memory
• Values in registers
• “Trace” is now data dump over time
Breaking White-box Cryptography
• Why does (some) WBC fail under side channel?
• Linearity = leakage
• Sasdrich, Pascal, Amir Moradi, and Tim Güneysu. “White-Box Cryptography in the Gray Box.”
• http://eprint.iacr.org/2016/203.pdf
Breaking White-box Cryptography
• Fault injection attacks on WBC
• Run on “hardware”
• attack as if it was a pure hardware cipher
• – What can we glitch? – Anything!
• Memory
• Values in registers
Breaking White-box Cryptography
• Need to tap into the code flow and data. How?
• Manual code manipulation at run time (hook/inject/debug)
• Decompile & recompile with probes
• Dynamic Binary Instrumentation
• Emulation (with probes)
• Absolute worst case: run on real hardware and bring the big guns
Software Crypto Instrumentation
• Manual code manipulation at run time (hook/inject/debug)
• + Easy to start from a software RE/expl. background
• – Lower speed (esp. when debugging, need to tap into everything)
• – Need to bypass anti-debug countermeasures
• – Scripting debuggers is ugly
Software Crypto Instrumentation
• Decompile & recompile with probes
• + Easy to start from a software RE/expl. background
• + Speed
• – lots of manual corrections
• – some RE & understanding of the target needed
Software Crypto Instrumentation
• Dynamic Binary Instrumentation
• Intel PIN
• Valgrind
• DynamoRIO
• (Frida) http://www.frida.re/
• https://github.com/SideChannelMarvels already has one
Software Crypto Instrumentation
• Dynamic Binary Instrumentation
• + Flexibility
• + Stealth
• – architecture-specific issues
Software Crypto Instrumentation
• Emulation (with probes)
• Platform-level emulation = The mighty QEMU
• Unicorn Engine (not a platform, only a CPU) http://www.unicorn-engine.org/
• Standalone
• IDA plugin
• Awesome
• PANDA (a full platform) https://github.com/moyix/panda
• Record traces and replay
• Plugin framework
• Awesome (but slow)
Software Crypto Instrumentation
• Emulation (with probes)
• + Flexibility
• + Stealth
• + Speed
• – Platform-level emulation is slow
Software Crypto Instrumentation
• What to do? Side-channel:
• Log all memory accesses
• Address
• Value & Size
• Log all registers
• What to do? Fault injection:
• Flip bits in memory values and memory addresses
• Flip bits in registers
• KEEP TRACK OF THE PROGRAM COUNTER == TIME
Software Crypto Instrumentation
• Narrow down the addresses and PC range
• Compare execution traces, identifying data and key dependencies
• Side-channel – easy optimizations
• Memory writes are more useful than reads
• Most registers are redundant (sometimes LSB is enough)
• Data can be compressed/discarded on the fly
• Fault injection – easy optimizations
• Keep track of what you glitch
Software Crypto Instrumentation
• White-boxed AES in JS from https://github.com/tsu-iscd/jcrypto
• Fault injection attack in 9th round
• Using https://github.com/SideChannelMarvels/JeanGrey to extract the key
DEMO 1
• Huge traces for SCA
• ~1GHz CPUs, white-box can run in 0.1s, easily 100 M instructions x N bytes per instruction = a lot of data
→ Compress and discard more aggressively
Software Crypto Instrumentation Challenges
• Misalignment
• Leakage location depends on input
→ Do aggressive signal processing
→ Smart emulation (CFG?)
Software Crypto Instrumentation Challenges
• Glitching runs wild
• Unwanted glitching of return addresses
• Unwanted glitching of instruction loading addresses
→ Simple heuristics when glitching, better focus
Software Crypto Instrumentation Challenges
• Why?
• Directly applicable on regular software crypto
• Defeat obfuscation without deobfuscating
• What is executable will be executed and WILL leak / WILL be glitchable
• Minimum reverse engineering
• Ideally, locate the target function in time domain only
• Can be tailored into a point-and-click solution if needed
Bonus: Attacking Regular Software Crypto
• But… hardware acceleration? AES-NI, etc.?
• Only for symmetric crypto.
• Maybe forbidden by obfuscator/protector
• Often not applicable due to platform diversity
• E.g. standard crypto extensions for ARM are not there yet, etc.
• Or, emulate & get the key from emulator’s implementation
• Or, emulate & apply DCA on the whole emulator
• Worst case, debug & get the key from registers, as usual
Bonus: Attacking Regular Software Crypto
• OLLVM-Obfuscated standard AES encryption
• Side-channel leakage is memory accesses
• Using Riscure Inspector to extract the key
DEMO 2
• Any state can be leaked via SCA
• Any data dependency
• PIN/Key/Password lengths
• Hamming weights/distances of values
• Code structure / CFG leaks too
• Basic blocks in CFG may be recognizable
SCA & FI: Beyond Attacking Crypto
• Any state can be affected via FI
• Most critical – bypass security mechanisms
• MAC/Signature/PIN/Password checks
• Secure Boot
• …
Niek Timmers, Albert Spruyt: “Bypassing Secure Boot using Fault Injection”, BH EU 2016
https://www.blackhat.com/docs/eu-16/materials/eu-16-Timmers-Bypassing-Secure-Boot-Using-Fault-Injection.pdf
SCA & FI: Beyond Attacking Crypto
• Countermeasures exist
• SCA countermeasures
• FI countermeasures
SCA & FI: Beyond Attacking Crypto
• SCA countermeasures
• Most are patented, bad news for silicon and crypto vendors
• Reduce leakages (double rail logic, shields, …)
• Introduce noise and jitter
• Shuffle the state in time domain
• Masking
• Encodings between rounds
SCA & FI: Beyond Attacking Crypto
• FI countermeasures
• Most are patented, bad news for silicon and crypto vendors
• Best idea: verify everything
• Transform the algorithms
• To allow verification on side effects of the calculations
• To propagate errors DRAMATICALLY, diffusing the key dependencies
• Hardware:
• Awareness – sensors: glitch, light, EM, …
SCA & FI: Beyond Attacking Crypto
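The "verify everything" countermeasure above, as an added example that is not code from the slides: a round-based toy cipher whose result is decrypted and compared with the input before any ciphertext is released. The cipher, its round keys, and the `fault_t` hook that simulates a single glitch during encryption are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ROUNDS 6

/* 4-bit S-box of the PRESENT cipher, used here as the non-linear layer of
 * a constructed 32-bit toy SPN (not a real cipher). */
static const uint8_t SBOX[16] = {
    0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
    0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2
};

/* Constructed round keys; a real cipher derives them with a key schedule. */
static const uint32_t RK[ROUNDS + 1] = {
    0x0f1e2d3cu, 0x4b5a6978u, 0x8796a5b4u, 0xc3d2e1f0u,
    0x13579bdfu, 0x2468ace0u, 0xdeadbeefu
};

/* Simulated glitch: XOR `mask` into the state at the end of `round`. */
typedef struct {
    int round;
    uint32_t mask;
} fault_t;

static uint32_t sub_nibbles(uint32_t s, const uint8_t *box)
{
    uint32_t out = 0;
    for (int i = 0; i < 8; i++)
        out |= (uint32_t)box[(s >> (4 * i)) & 0xF] << (4 * i);
    return out;
}

static uint32_t rotl(uint32_t x, unsigned r)
{
    return (x << r) | (x >> (32 - r));
}

/* Key addition, S-box layer, rotation as the linear layer; pass NULL for
 * a fault-free run. */
uint32_t toy_encrypt(uint32_t pt, const fault_t *fault)
{
    uint32_t s = pt;
    for (int r = 0; r < ROUNDS; r++) {
        s ^= RK[r];
        s = sub_nibbles(s, SBOX);
        s = rotl(s, 5);
        if (fault && fault->round == r)
            s ^= fault->mask;
    }
    return s ^ RK[ROUNDS];
}

uint32_t toy_decrypt(uint32_t ct)
{
    uint8_t inv[16];
    uint32_t s = ct ^ RK[ROUNDS];

    for (int i = 0; i < 16; i++)
        inv[SBOX[i]] = (uint8_t)i;
    for (int r = ROUNDS - 1; r >= 0; r--) {
        s = rotl(s, 27);            /* rotate right by 5 */
        s = sub_nibbles(s, inv);
        s ^= RK[r];
    }
    return s;
}

/* Countermeasure: release the ciphertext only if it decrypts back to the
 * plaintext. Assumes the single fault hits the encryption pass only.
 * Returns 0 on success, -1 (and a zeroed output) when a fault is detected. */
int encrypt_checked(uint32_t pt, uint32_t *ct, const fault_t *fault)
{
    uint32_t c = toy_encrypt(pt, fault);
    if (toy_decrypt(c) != pt) {
        *ct = 0;
        return -1;
    }
    *ct = c;
    return 0;
}

int main(void)
{
    fault_t f = { ROUNDS - 2, 0x00000100u }; /* one bit, late round */
    uint32_t out;

    printf("clean:   rc=%d\n", encrypt_checked(0x12345678u, &out, NULL));
    printf("faulted: rc=%d out=%08x\n",
           encrypt_checked(0x12345678u, &out, &f), (unsigned)out);
    return 0;
}
```

Because the cipher is a permutation, any corrupted ciphertext decrypts to a different plaintext, so the check catches every fault in this model. The comparison is itself a single branch, which is why the slide also lists transformations that make errors propagate instead of relying on one check.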
• State-of-the-art white-box crypto, as seen in highly competitive markets like content protection, is tough:
• All of the above
• SCA countermeasures
• FI countermeasures
• State-of-the-art obfuscation, anti-debug, anti-emulation and anti-DBI
• Attacking == Defusing an explosive black box with a hammer
• If possible, uses encodings
• Internal encoding:
• $\mathrm{LUT} = g \circ \mathrm{LUT} \circ f^{-1}$
• External encoding:
• $\mathrm{AES}'_k = G \circ \mathrm{AES}_k \circ F^{-1}$
• $\mathrm{AES}'_k(m)$ is unusable by anyone, except the vendor who can decode
SCA & FI: Beyond Attacking Crypto
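How the internal and external encodings on the slide above fit together, as an added example that is not code from the slides. Two key-dependent 8-bit tables are wrapped as g ∘ LUT ∘ f^{-1}; the inner encoding cancels when the tables are chained, and one encoded table viewed in isolation is consistent with any key byte. The table sizes, key bytes, and the seeded generator are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define N 256

/* Small deterministic generator so runs are reproducible (not a CSPRNG). */
static uint32_t lcg;
static uint32_t lcg_next(void)
{
    lcg = lcg * 1664525u + 1013904223u;
    return lcg >> 8;
}

/* Fill p with a pseudo-random bijection on 0..255 (Fisher-Yates shuffle). */
void random_bijection(uint8_t *p, uint32_t seed)
{
    lcg = seed;
    for (int i = 0; i < N; i++)
        p[i] = (uint8_t)i;
    for (int i = N - 1; i > 0; i--) {
        int j = (int)(lcg_next() % (uint32_t)(i + 1));
        uint8_t t = p[i];
        p[i] = p[j];
        p[j] = t;
    }
}

void invert(const uint8_t *p, uint8_t *inv)
{
    for (int i = 0; i < N; i++)
        inv[p[i]] = (uint8_t)i;
}

/* Key-dependent plain table: T_k[x] = S[x ^ k] (key addition + S-box). */
void keyed_table(const uint8_t *s, uint8_t k, uint8_t *t)
{
    for (int x = 0; x < N; x++)
        t[x] = s[x ^ k];
}

/* The slide's internal encoding: out = g ∘ lut ∘ f^{-1}. */
void encode_table(const uint8_t *lut, const uint8_t *f_inv,
                  const uint8_t *g, uint8_t *out)
{
    for (int y = 0; y < N; y++)
        out[y] = g[lut[f_inv[y]]];
}

/* Chain E1 = g ∘ T1 ∘ f^{-1} and E2 = h ∘ T2 ∘ g^{-1}. The inner g cancels;
 * f and h remain as the external encodings. Returns the number of inputs
 * where E2(E1(f(x))) differs from h(T2(T1(x))). */
int chain_mismatches(void)
{
    uint8_t s[N], f[N], g[N], h[N], f_inv[N], g_inv[N];
    uint8_t t1[N], t2[N], e1[N], e2[N];
    int bad = 0;

    random_bijection(s, 1);
    random_bijection(f, 2);
    random_bijection(g, 3);
    random_bijection(h, 4);
    invert(f, f_inv);
    invert(g, g_inv);
    keyed_table(s, 0x2b, t1);   /* constructed key bytes */
    keyed_table(s, 0x7e, t2);
    encode_table(t1, f_inv, g, e1);
    encode_table(t2, g_inv, h, e2);

    for (int x = 0; x < N; x++)
        if (e2[e1[f[x]]] != h[t2[t1[x]]])
            bad++;
    return bad;
}

/* One encoded table alone does not pin down the key: for another key k2,
 * the input encoding f2^{-1}(y) = f^{-1}(y) ^ k ^ k2 produces the very
 * same table. Returns 1 when the two encoded tables are identical. */
int same_table_other_key(uint8_t k, uint8_t k2)
{
    uint8_t s[N], f[N], g[N], f_inv[N], f2_inv[N];
    uint8_t t[N], t2[N], e[N], e2[N];

    random_bijection(s, 1);
    random_bijection(f, 2);
    random_bijection(g, 3);
    invert(f, f_inv);
    for (int y = 0; y < N; y++)
        f2_inv[y] = (uint8_t)(f_inv[y] ^ k ^ k2);
    keyed_table(s, k, t);
    keyed_table(s, k2, t2);
    encode_table(t, f_inv, g, e);
    encode_table(t2, f2_inv, g, e2);
    return memcmp(e, e2, N) == 0;
}

int main(void)
{
    printf("chain mismatches: %d\n", chain_mismatches());
    printf("same table for another key: %d\n",
           same_table_other_key(0x2b, 0x7e));
    return 0;
}
```

This ambiguity holds for a single table viewed statically; as the earlier slides stress, run-time traces and faults across the whole computation are what still expose the key.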
• More countermeasures for white-box crypto:
• Remember, state = key. Diffuse the state so it is too large to easily extract or compress
• Bogdanov, A., & Isobe, T. (2015). White-Box Cryptography Revisited: Space-Hard Ciphers. ACM Conference on Computer and Communications Security. 10.1145/2810103.2813699
SCA & FI: Beyond Attacking Crypto
• It is still possible to break crypto without being a cryptographer
• Academia is busy constructing funny whiteboxes
• Thinking out of the box helps
• Best hacks happen on an edge
• Proper tools
• Continuously evaluate your product before it hits the market
• The fight goes on…
Conclusions
Questions?
• http://langsec.org/papers/Bratus.pdf
• http://2014.zeronights.org/assets/files/slides/korkikyan.pdf
• https://www.blackhat.com/docs/eu-15/materials/eu-15-Sanfelix-Unboxing-The-White-Box-Practical-Attacks-Against-Obfuscated-Ciphers-wp.pdf
• https://eprint.iacr.org/2015/753
• http://eprint.iacr.org/2016/203.pdf
• https://github.com/SideChannelMarvels
• http://www.frida.re
• http://www.unicorn-engine.org
• https://github.com/moyix/panda
• https://www.blackhat.com/docs/eu-16/materials/eu-16-Timmers-Bypassing-Secure-Boot-Using-Fault-Injection.pdf
References
Challenge your security
Riscure North America
550 Kearny St.
Suite 330
San Francisco, CA 94108
+1 (650) 646 9979
inforequest@riscure.com
Riscure B.V.
Frontier Building, Delftechpark 49
2628 XJ Delft
The Netherlands
Phone: +31 15 251 40 90
www.riscure.com
We are hiring!
www.riscure.com/careers

Contenu connexe

Similaire à nabdullin_brcrdu_dark

Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Cloudflare
 
White-box Cryptography -BayThreat 2013
White-box Cryptography -BayThreat 2013White-box Cryptography -BayThreat 2013
White-box Cryptography -BayThreat 2013Nick Sullivan
 
CONFidence 2014: Yaniv Miron: ATMs – We kick their ass
CONFidence 2014: Yaniv Miron: ATMs – We kick their assCONFidence 2014: Yaniv Miron: ATMs – We kick their ass
CONFidence 2014: Yaniv Miron: ATMs – We kick their assPROIDEA
 
Emily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyEmily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyCSNP
 
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)Sam Bowne
 
CapTech Talks Webinar Feb 2023 Rick Hansen.pptx
CapTech Talks Webinar Feb 2023 Rick Hansen.pptxCapTech Talks Webinar Feb 2023 Rick Hansen.pptx
CapTech Talks Webinar Feb 2023 Rick Hansen.pptxCapitolTechU
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheelsinfodox
 
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015CSO_Presentations
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Cloudflare
 
Cryptanalysis in the Time of Ransomware
Cryptanalysis in the Time of RansomwareCryptanalysis in the Time of Ransomware
Cryptanalysis in the Time of RansomwareMark Mager
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat Security Conference
 
Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Riscure
 
The economies of scaling software - Abdel Remani
The economies of scaling software - Abdel RemaniThe economies of scaling software - Abdel Remani
The economies of scaling software - Abdel Remanijaxconf
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network SecurityUC San Diego
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!nerdybeardo
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 

Similaire à nabdullin_brcrdu_dark (20)

Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013
 
White-box Cryptography -BayThreat 2013
White-box Cryptography -BayThreat 2013White-box Cryptography -BayThreat 2013
White-box Cryptography -BayThreat 2013
 
CONFidence 2014: Yaniv Miron: ATMs – We kick their ass
CONFidence 2014: Yaniv Miron: ATMs – We kick their assCONFidence 2014: Yaniv Miron: ATMs – We kick their ass
CONFidence 2014: Yaniv Miron: ATMs – We kick their ass
 
Emily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyEmily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum Cryptography
 
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)
 
Aes jul-upload
Aes jul-uploadAes jul-upload
Aes jul-upload
 
CapTech Talks Webinar Feb 2023 Rick Hansen.pptx
CapTech Talks Webinar Feb 2023 Rick Hansen.pptxCapTech Talks Webinar Feb 2023 Rick Hansen.pptx
CapTech Talks Webinar Feb 2023 Rick Hansen.pptx
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheels
 
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015
Peter Gutmann Presentation - CSO Perspectives Roadshow Auckland 9th Mar 2015
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014
 
Cryptanalysis in the Time of Ransomware
Cryptanalysis in the Time of RansomwareCryptanalysis in the Time of Ransomware
Cryptanalysis in the Time of Ransomware
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: Cryptography
 
Cryptography for Everyone
Cryptography for EveryoneCryptography for Everyone
Cryptography for Everyone
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive Trickery
 
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
BlueHat v17 || Extracting Secrets from Silicon – A New Generation of Bug Hunt...
 
Why is it so hard to make secure chips?
Why is it so hard to make secure chips?Why is it so hard to make secure chips?
Why is it so hard to make secure chips?
 
The economies of scaling software - Abdel Remani
The economies of scaling software - Abdel RemaniThe economies of scaling software - Abdel Remani
The economies of scaling software - Abdel Remani
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network Security
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: Cryptography
 

nabdullin_brcrdu_dark

  • 2. • @0xABD Abdullin@riscure.com • Background: fintech, payment security • Security analyst @ Riscure, evaluating payment tech • Who is Riscure? • Security lab in the Netherlands & USA • 80 hackers working on: • Security test tools • Security test services • We host the #RHme & #RHme2 hardware CTFs! • rhme.riscure.com • 500 players from 49 countries this year About me
  • 3. Cryptography Crash Course Attacks on (Software) Crypto Side Channel Attacks Fault Injection Attacks DEMO Conclusions Agenda
  • 5. • Some history: how did people use and break cryptography? • Black room == Mallory peeks in the room== broken • “Cabinet noir” • Black box == Mallory peeks in the box == broken • Commercial encryption machines • Kerckhoffs's principle == Mallory has the key == broken • … • The present day: • All of the above • Internal state == Key • ??? Cryptography Crash Course
  • 6. • Black box Cryptography Crash Course Observe Alter Encrypt Decrypt
  • 7. • Grey box Cryptography Crash Course Observe Alter Encrypt Decrypt
  • 8. Encrypt Decrypt • White box Cryptography Crash Course Observe Alter
  • 9. • Black box == Attacker cannot look inside • Grey box == Attacker can see something* inside and/or influence it • White box == Attacker has full control Cryptography Crash Course
  • 10. • What is cryptography, when implemented in hardware and software? • Start with a Black box • Inputs • Data • Key • Output Cryptography Crash Course Input Key Output
  • 11. • Crypto is executed by a machine • Sometimes, a “weird machine” (Sergey Bratus et al., 2011) • http://langsec.org/papers/Bratus.pdf Cryptography Crash Course Unintended functionality Normal, intended functionality Unintended states Normal, intended states
  • 12. • What is cryptography, when implemented in hardware and software? • Symmetric crypto • Done in (simple) steps – rounds • Key schedule • Use a new key every round • Linear operations (aka affine transformations) • Matrix operations • Register arithmetic: SHIFT XOR ADD OR AND NOT … • Non-linear operations • Table lookups (aka Look-Up Tables “LUT” aka S-boxes, …) Cryptography Crash Course
  • 13. • What is cryptography, when implemented in hardware and software? • Asymmetric crypto • Arithmetic on looooong numbers (> 4x wider than our CPU regs) • Modular arithmetic • Various optimizations to make it fit into register width • Various hacks to make it faster Cryptography Crash Course
  • 14. Breaking Modern Cryptography Images (c) by Vasya Lozhkin http://vasya-lozhkin.ru/
  • 15. Breaking Modern Cryptography The hipster way: • Classic Cryptanalysis • Linear Cryptanalysis • Differential Cryptanalysis • Formal verification of protocols • … • “3-AES will probably never be cryptanalyzed”
  • 16. Breaking Modern Cryptography • Symmetric crypto: • Current view on computational complexity (Joan Daemen, 2016): • 80 bits: lightweight • 96 bits: solid • 128 bits: secure for the foreseeable future • 256 bits: for the clueless
  • 17. Breaking Modern Cryptography The brutal way: 1. Make assumptions on the internal state of the cipher 2. Guess the state / edit the state 3. Guessed/new state depends on key (and data) 4. Measure & Calculate the key • Adjust your assumptions Grey box model – the attacker can see through the box and touch it
  • 18. Breaking Modern Cryptography The brutal way: • Side Channel Analysis (SCA) • Timing analysis • Power analysis • Simple power analysis (SPA) • Differential power analysis (DPA) • Correlation power analysis (CPA) • … • Fault Injection (FI) • Differential fault analysis • …
  • 20. Side-channel Basics ???? 8??? 82?? 827? PIN 8275 Example: PIN Verification and power measurements (traces)
  • 21. • Observe the whole cryptosystem • Find what is leaking (and, preferably, where) • Time • Power consumption • Electromagnetic field • Light / Sound / Temperature / … • … • Make an assumption on the dependencies between secret state and observable state • Leakage model • Process the observation data & Get the key Side-channel Basics
  • 22. • Why it leaks? A hardware circuit is more complex than its schematics • Each switch (=bit) draws power when flipped (clocked) • A power consumption of a register is a function of its data (state) • Same for EM / temperature / other energy emissions Side-channel Basics
  • 23. • Every wire is an antenna • Every loop is a coil • Works both ways (see later) • Noise is (usually) random/uniform, correctly modeled leakage is not • Acquire more measurements (traces) • Noise cancels itself, but data dependencies are amplified • If leakage model is correct, otherwise == becomes noise too Side-channel Basics
  • 24. • For pure software, every shared hardware resource leaks • CPU caches • CPU branch predictor • Any resource of the memory controller • … • https://scholar.google.com/scholar?q=cross+vm+side+channel+attack • Lipp, M., Gruss, D., Spreitzer, R., & Mangard, S. (2015). Armageddon: Last- level cache attacks on mobile devices. arXiv preprint arXiv:1511.04897. • https://www.blackhat.com/docs/eu-16/materials/eu-16-Lipp-ARMageddon-How- Your-Smartphone-CPU-Breaks-Software-Level-Security-And-Privacy.pdf • https://github.com/IAIK/armageddon Side-channel Basics
  • 25. • How to perform actual SCA attacks? 1. Acquisition of many traces – extracting leakage out of the box 2. Signal processing – leaving the good things 3. Statistical analysis of the trace set Side-channel Basics
  • 26. Side-channel Basics (1) arm (6) response (3) trigger (4) measurement (5) acquisition (2) command Embedded System Current Probe (7) attack
  • 27. • Acquisition of many traces • Proper equipment • Proper setup • Or, “Garbage in – Garbage Out” Side-channel Basics
  • 28. • Signal processing • Filtering • Alignment • Resampling • Cut/paste • Bucket Side-channel Basics
  • 29. • Statistical analysis of the trace set • First-order analysis – single point on a trace vs. model • Differential • Correlation • Higher-order analysis – multiple points on a trace vs. model • Works against protected implementations • Other attacks Side-channel Basics
  • 30. • Statistical analysis of the trace set – How? • FOSS tools: https://github.com/SideChannelMarvels • Entry-level hardware: ChipWhisperer • Commercial tools: Riscure Inspector Side-channel Basics
  • 31. • Further reading • ZeroNights 2014, Roman Korkikyan, “Deriving cryptographic keys via power consumption” • http://2014.zeronights.org/assets/files/slides/korkikyan.pdf Side-channel Basics
  • 32. • Hardware is FRAGILE • Introduce glitches in power supply • Introduce glitches in CLK • Directly supply energy to parts of the chip • Laser • EM field • Invasive techniques • Edit & Probe the silicon Fault injection Basics
  • 33. • Cryptography is FRAGILE • Errors propagate • State depends on the key (and data) • (Error+State) propagates too • Output is now more a function of a key than before • Sometimes, a single-bit flip = key extracted • Most of the time = solve a system of (linear) equations Fault injection Basics
  • 34. • Why symmetric crypto fails under FI? • Magic does not happen at once • Symmetric crypto is done in rounds • Data (fault) propagation per round is limited • Faults in state remove data dependencies • Key is linearly combined with the faulty state Fault injection Basics
  • 35. • Why asymmetric crypto fails under FI? • All assumptions fail • Prime numbers become composite with a single bit flip • Points on a strong ECC curve become points on weaker curves • … Fault injection Basics
  • 36. • Side Channel and Fault Injection  the gray box scenario • A hardware black box does not protect the state (the key) • Even gray boxes no longer sufficient to secure the current ecosystem • Hardware is not free and cannot be delivered over the wire • Can we make cryptography secure on an untrusted hardware? • Mobile (Payments/Banking/HCE) • Content Protection (DRM) • … • How to hide the key in plain sight of the attacker? White-box Cryptography Basics
  • 37. • Assumptions: • Even the hardware is now untrusted • The attacker can read the code AND the key • Can it still be secure? • Let’s mix the key in the algorithm. Code == Key • Tables • Dark magic • Tables & dark magic • And obfuscate the code, make the white-box self-aware • To avoid key extraction and arbitrary code reuse (lifting) White-box Cryptography Basics
  • 38. White-box Cryptography Basics Images (c) Brecht Wyseur http://www.whiteboxcrypto.com/
  • 39. • White-boxed algorithms • DES • AES • RSA • ECC • SHA256, SHA256-HMAC • … • Fight magic with magic? Breaking White-box Cryptography
  • 40. • Fight magic with magic… Breaking White-box Cryptography
  • 41. • Fight magic with magic… • Or apply brutal hardware attacks • Naïve white-box implementations do not solve the gray-box problems • If crypto happens, the state is there • If crypto happens, the fragile parts are there, too Breaking White-box Cryptography
  • 42. • Eloi Sanfelix, Cristofaro Mune, Job de Haas, “Unboxing the White-Box” BH EU 2015 • https://www.blackhat.com/docs/eu-15/materials/eu-15-Sanfelix-Unboxing-The-White-Box-Practical-Attacks-Against-Obfuscated-Ciphers-wp.pdf • Joppe W Bos, Charles Hubain, Wil Michiels, Philippe Teuwen “Differential Computation Analysis: Hiding your White-Box Designs is Not Enough” • https://eprint.iacr.org/2015/753 Breaking White-box Cryptography
  • 43. • Side-channel attacks on WBC • Run on “hardware” • attack as if it was a pure hardware cipher • – What is leaking? – Everything! • Memory • Values in registers • “Trace” is now data dump over time Breaking White-box Cryptography
  • 44. • Why (some) WBC fails under side channel? • Linearity = leakage • Sasdrich, Pascal, Amir Moradi, and Tim Güneysu. "White-Box Cryptography in the Gray Box." • http://eprint.iacr.org/2016/203.pdf Breaking White-box Cryptography
  • 45. • Fault injection attacks on WBC • Run on “hardware” • attack as if it was a pure hardware cipher • – What can we glitch? – Anything! • Memory • Values in registers Breaking White-box Cryptography
  • 46. • Need to tap into the code flow and data. How? • Manual code manipulation at run time (hook/inject/debug) • Decompile & recompile with probes • Dynamic Binary Instrumentation • Emulation (with probes) • Absolute worst case: run on real hardware and bring the big guns Software Crypto Instrumentation
  • 47. • Manual code manipulation at run time (hook/inject/debug) • + Easy to start from a software RE/expl. background • – Lower speed (esp. when debugging, need to tap into everything) • – Need to bypass anti-debug countermeasures • – Scripting debuggers is ugly Software Crypto Instrumentation
  • 48. • Decompile & recompile with probes • + Easy to start from a software RE/expl. background • + Speed • – lots of manual corrections • – some RE & understanding of the target needed Software Crypto Instrumentation
  • 49. • Dynamic Binary Instrumentation • Intel PIN • Valgrind • DynamoRIO • (Frida) http://www.frida.re/ • https://github.com/SideChannelMarvels already has one Software Crypto Instrumentation
  • 50. • Dynamic Binary Instrumentation • + Flexibility • + Stealth • – architecture-specific issues Software Crypto Instrumentation
  • 51. • Emulation (with probes) • Platform-level emulation = The mighty QEMU • Unicorn Engine (not a platform, only a CPU) http://www.unicorn-engine.org/ • Standalone • IDA plugin • Awesome • PANDA (a full platform) https://github.com/moyix/panda • Record traces and replay • Plugin framework • Awesome (but slow) Software Crypto Instrumentation
  • 52. • Emulation (with probes) • + Flexibility • + Stealth • + Speed • – Platform-level emulation is slow Software Crypto Instrumentation
  • 53. • What to do? Side-channel: • Log all memory accesses • Address • Value & Size • Log all registers • What to do? Fault injection: • Flip bits in memory values and memory addresses • Flip bits in registers • KEEP TRACK OF THE PROGRAM COUNTER == TIME Software Crypto Instrumentation
  • 54. • Narrow down the addresses and PC range • Compare execution traces, identifying data and key dependencies • Side-channel – easy optimizations • Memory writes are more useful than reads • Most registers are redundant (sometimes LSB is enough) • Data can be compressed/discarded on the fly • Fault injection – easy optimizations • Keep track of what you glitch Software Crypto Instrumentation
  • 55. • White-boxed AES in JS from https://github.com/tsu-iscd/jcrypto • Fault injection attack in 9th round • Using https://github.com/SideChannelMarvels/JeanGrey to extract the key DEMO 1
  • 56. • Huge traces for SCA • ~1GHz CPUs, white-box can run in 0.1s, easily 100 M instructions x N bytes per instruction = a lot of data → Compress and discard more aggressively Software Crypto Instrumentation Challenges
  • 57. • Misalignment • Leakage location depends on input → Do aggressive signal processing → Smart emulation (CFG?) Software Crypto Instrumentation Challenges
  • 58. • Glitching runs wild • Unwanted glitching of return addresses • Unwanted glitching of instruction loading addresses → Simple heuristics when glitching, better focus Software Crypto Instrumentation Challenges
  • 59. • Why? • Directly applicable on regular software crypto • Defeat obfuscation without deobfuscating • What is executable will be executed and WILL leak / WILL be glitchable • Minimum reverse engineering • Ideally, locate the target function in time domain only • Can be tailored into a point-and-click solution if needed Bonus: Attacking Regular Software Crypto
  • 60. • But… hardware acceleration? AES-NI, etc.? • Only for symmetric crypto. • Maybe forbidden by obfuscator/protector • Often not applicable due to platform diversity • E.g. standard crypto extensions for ARM are not there yet, etc. • Or, emulate & get the key from emulator’s implementation • Or, emulate & apply DCA on the whole emulator • Worst case, debug & get the key from registers, as usual Bonus: Attacking Regular Software Crypto
  • 61. • OLLVM-Obfuscated standard AES encryption • Side-channel leakage is memory accesses • Using Riscure Inspector to extract the key DEMO 2
  • 62. • Any state can be leaked via SCA • Any data dependency • PIN/Key/Password lengths • Hamming weights/distances of values • Code structure / CFG leaks too • Basic blocks in CFG may be recognizable SCA & FI: Beyond Attacking Crypto
  • 63. • Any state can be affected via FI • Most critical – bypass security mechanisms • MAC/Signature/PIN/Password checks • Secure Boot • … Niek Timmers, Albert Spruyt: “Bypassing Secure Boot using Fault Injection”, BH EU 2016 https://www.blackhat.com/docs/eu-16/materials/eu-16-Timmers-Bypassing-Secure-Boot-Using-Fault-Injection.pdf SCA & FI: Beyond Attacking Crypto
  • 64. • Countermeasures exist • SCA countermeasures • FI countermeasures SCA & FI: Beyond Attacking Crypto
  • 65. • SCA countermeasures • Most are patented, bad news for silicon and crypto vendors • Reduce leakages (double rail logic, shields, …) • Introduce noise and jitter • Shuffle the state in time domain • Masking • Encodings between rounds SCA & FI: Beyond Attacking Crypto
  • 66. • FI countermeasures • Most are patented, bad news for silicon and crypto vendors • Best idea: verify everything • Transform the algorithms • To allow verification on side effects of the calculations • To propagate errors DRAMATICALLY, diffusing the key dependencies • Hardware: • Awareness – sensors: glitch, light, EM, … SCA & FI: Beyond Attacking Crypto
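The "verify everything" countermeasure from the slide above, shown for the asymmetric case from slide 35, as an added example that is not part of the original deck. It signs with RSA-CRT and releases the result only if it verifies under the public key; the primes, the message and the `fault_bit` test hook are constructed toy assumptions.

```python
# Added example: RSA-CRT signing with a verify-before-release check.
# All parameters are constructed toy values, far too small for real use.
P, Q, E = 1000003, 1000033, 65537       # constructed small primes, public exponent
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent (Python 3.8+)
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)


def sign_crt(m, fault_bit=None):
    """RSA-CRT signature. fault_bit simulates a single-bit glitch in the mod-P half."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault_bit is not None:
        sp ^= 1 << fault_bit            # simulated fault, used only to exercise the check
    h = (QINV * (sp - sq)) % P          # Garner recombination
    return sq + h * Q


def sign_checked(m, fault_bit=None):
    """Release the signature only if it verifies under the public key."""
    s = sign_crt(m, fault_bit)
    if pow(s, E, N) != m % N:
        return None                     # fault detected: output suppressed
    return s


def count_released_faulty(m, bits=20):
    """Number of single-bit faults in the mod-P half that slip past the check."""
    return sum(sign_checked(m, b) is not None for b in range(bits))
```

Because x → x^E is a bijection modulo P, any change to the mod-P half changes the verification result, so every simulated fault is suppressed.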
  • 67. • State-of-the-art white-box crypto, as seen in highly competitive markets like content protection, is tough: • All of the above • SCA countermeasures • FI countermeasures • State-of-the-art obfuscation, anti-debug, anti-emulation and anti-DBI • Attacking == Defusing an explosive black box with a hammer • If possible, uses encodings • Internal encoding: • $LUT = g \circ LUT \circ f^{-1}$ • External encoding: • $AES'_k = G \circ AES_k \circ F^{-1}$ • $AES'_k(m)$ is unusable by anyone, except the vendor who can decode SCA & FI: Beyond Attacking Crypto
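How the internal and external encodings on the slide above compose, as an added example that is not part of the original deck. The two 8-bit tables, the keys `K1`/`K2`, the seeded random S-box stand-in and the internal bijection `H` are constructed assumptions, not real AES tables.

```python
import random

rng = random.Random(2016)    # fixed seed so the constructed tables are reproducible


def random_bijection():
    """A random permutation of 0..255, returned together with its inverse."""
    perm = list(range(256))
    rng.shuffle(perm)
    inv = [0] * 256
    for x, y in enumerate(perm):
        inv[y] = x
    return perm, inv


def encode_table(lut, f_inv, g):
    """Build the table g . lut . f^-1 (apply f^-1, then lut, then g)."""
    return [g[lut[f_inv[x]]] for x in range(256)]


# Stand-ins for two key-dependent round tables (constructed, not real AES tables).
SBOX, _ = random_bijection()
K1, K2 = 0x3A, 0xC5
T1 = [SBOX[x ^ K1] for x in range(256)]
T2 = [SBOX[x ^ K2] for x in range(256)]

F, F_INV = random_bijection()    # external input encoding
H, H_INV = random_bijection()    # internal encoding between the two tables
G, G_INV = random_bijection()    # external output encoding

T1_ENC = encode_table(T1, F_INV, H)    # H . T1 . F^-1
T2_ENC = encode_table(T2, H_INV, G)    # G . T2 . H^-1


def plain(m):
    """Reference computation on the unencoded tables."""
    return T2[T1[m]]


def whitebox(m_encoded):
    """Uses only encoded tables; H cancels between them, F and G remain."""
    return T2_ENC[T1_ENC[m_encoded]]


def vendor_roundtrip(m):
    """Only a party that knows F and G can encode the input and decode the output."""
    return G_INV[whitebox(F[m])]
```

The shipped tables `T1_ENC` and `T2_ENC` never expose the intermediate value `T1[m]` in the clear, and `whitebox` alone computes $G \circ T_2 \circ T_1 \circ F^{-1}$ rather than the plain function.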
  • 68. • More countermeasures for white-box crypto: • Remember, state = key. Diffuse the state so it is too large to easily extract or compress • Bogdanov, A., & Isobe, T.. (2015). White-Box Cryptography Revisited: Space-Hard Ciphers. ACM Conference on Computer and Communications Security. 10.1145/2810103.2813699 SCA & FI: Beyond Attacking Crypto
  • 69. • It is still possible to break crypto without being a cryptographer • Academia is busy constructing funny whiteboxes • Thinking out of the box helps • Best hacks happen on an edge • Proper tools • Continuously evaluate your product before it hits the market • The fight goes on… Conclusions
  • 71. • http://langsec.org/papers/Bratus.pdf • http://2014.zeronights.org/assets/files/slides/korkikyan.pdf • https://www.blackhat.com/docs/eu-15/materials/eu-15-Sanfelix-Unboxing-The-White-Box-Practical-Attacks-Against-Obfuscated-Ciphers-wp.pdf • https://eprint.iacr.org/2015/753 • http://eprint.iacr.org/2016/203.pdf • https://github.com/SideChannelMarvels • http://www.frida.re • http://www.unicorn-engine.org • https://github.com/moyix/panda • https://www.blackhat.com/docs/eu-16/materials/eu-16-Timmers-Bypassing-Secure-Boot-Using-Fault-Injection.pdf References