Your search keyword '"Kizhvatov, Ilya"' showing total 13 results

1. Physical Security of Cryptographic Algorithm Implementations

Author

Kizhvatov, Ilya and Kizhvatov, Ilya

Abstract

This thesis deals with physical attacks on implementations of cryptographic algorithms and countermeasures against these attacks. Physical attacks exploit properties of an implementation to recover secret cryptographic keys. Particularly vulnerable to physical attacks are embedded devices. In the area of side-channel analysis, this thesis addresses attacks that exploit observations of power consumption or electromagnetic leakage of the device and target symmetric cryptographic algorithms. First, this work proposes a new combination of two well-known attacks that is more efficient than each of the attacks individually. Second, this work studies attacks exploiting leakage induced by microprocessor cache mechanism, suggesting an algorithm that can recover the secret key in the presence of uncertainties in cache event detection from side-channel acquisitions. Third, practical side-channel attacks are discovered against the AES engine of the AVR XMEGA, a recent versatile microcontroller. In the area of fault analysis, this thesis extends existing attacks against the RSA digital signature algorithm implemented with the Chinese remainder theorem to a setting where parts of the signed message are unknown to the attacker. The new attacks are applicable in particular to several widely used standards in modern smart card applications. In the area of countermeasures, this work proposes a new algorithm for random delay generation in embedded software. The new algorithm is more efficient than the previously suggested algorithms since it introduces more uncertainty for the attacker with less performance overhead. The results presented in this thesis are practically validated in experiments with general-purpose 8-bit AVR and 32-bit ARM microcontrollers that are used in many embedded devices.

Published

2011

2. Cryptanalysis of the Atmel Cipher in SecureMemory, CryptoMemory and CryptoRF

Author

Biryukov, Alex, Kizhvatov, Ilya, Zhang, Bin, Biryukov, Alex, Kizhvatov, Ilya, and Zhang, Bin

Abstract

SecureMemory (SM), CryptoMemory (CM) and CryptoRF (CR) are the Atmel chip families with wide applications in practice. They implement a proprietary stream cipher, which we call the Atmel cipher, to provide authenticity, confidentiality and integrity. At CCS’2010, it was shown that given 1 keystream frame, the secret key in SM protected by the simple version of the cipher can be recovered in 2^39.4 cipher ticks and if 2640 keystream frames are available, the secret key in CM guarded by the more complex version of the cipher can be restored in 2^58 cipher ticks. In this paper, we show much more efficient and practical attacks on both versions of the Atmel cipher. The idea is to dynamically reconstruct the internal state of the underlying register by exploiting the different diffusion speeds of the different cells. For SM, we can recover the secret key in 2^29.8 cipher ticks given 1 keystream frame; for CM, we can recover the secret key in 2^50 cipher ticks with around 24 frames. Practical implementation of the full attack confirms our results.

Published

2011

3. Physical Security of Cryptographic Algorithm Implementations

Author

Kizhvatov, Ilya and Kizhvatov, Ilya

Abstract

This thesis deals with physical attacks on implementations of cryptographic algorithms and countermeasures against these attacks. Physical attacks exploit properties of an implementation to recover secret cryptographic keys. Particularly vulnerable to physical attacks are embedded devices. In the area of side-channel analysis, this thesis addresses attacks that exploit observations of power consumption or electromagnetic leakage of the device and target symmetric cryptographic algorithms. First, this work proposes a new combination of two well-known attacks that is more efficient than each of the attacks individually. Second, this work studies attacks exploiting leakage induced by microprocessor cache mechanism, suggesting an algorithm that can recover the secret key in the presence of uncertainties in cache event detection from side-channel acquisitions. Third, practical side-channel attacks are discovered against the AES engine of the AVR XMEGA, a recent versatile microcontroller. In the area of fault analysis, this thesis extends existing attacks against the RSA digital signature algorithm implemented with the Chinese remainder theorem to a setting where parts of the signed message are unknown to the attacker. The new attacks are applicable in particular to several widely used standards in modern smart card applications. In the area of countermeasures, this work proposes a new algorithm for random delay generation in embedded software. The new algorithm is more efficient than the previously suggested algorithms since it introduces more uncertainty for the attacker with less performance overhead. The results presented in this thesis are practically validated in experiments with general-purpose 8-bit AVR and 32-bit ARM microcontrollers that are used in many embedded devices.

Published

2011

4. Cryptanalysis of the Atmel Cipher in SecureMemory, CryptoMemory and CryptoRF

Author

Biryukov, Alex, Kizhvatov, Ilya, Zhang, Bin, Biryukov, Alex, Kizhvatov, Ilya, and Zhang, Bin

Abstract

SecureMemory (SM), CryptoMemory (CM) and CryptoRF (CR) are the Atmel chip families with wide applications in practice. They implement a proprietary stream cipher, which we call the Atmel cipher, to provide authenticity, confidentiality and integrity. At CCS’2010, it was shown that given 1 keystream frame, the secret key in SM protected by the simple version of the cipher can be recovered in 2^39.4 cipher ticks and if 2640 keystream frames are available, the secret key in CM guarded by the more complex version of the cipher can be restored in 2^58 cipher ticks. In this paper, we show much more efficient and practical attacks on both versions of the Atmel cipher. The idea is to dynamically reconstruct the internal state of the underlying register by exploiting the different diffusion speeds of the different cells. For SM, we can recover the secret key in 2^29.8 cipher ticks given 1 keystream frame; for CM, we can recover the secret key in 2^50 cipher ticks with around 24 frames. Practical implementation of the full attack confirms our results.

Published

2011

5. Physical Security of Cryptographic Algorithm Implementations

Author

Kizhvatov, Ilya and Kizhvatov, Ilya

Abstract

This thesis deals with physical attacks on implementations of cryptographic algorithms and countermeasures against these attacks. Physical attacks exploit properties of an implementation to recover secret cryptographic keys. Particularly vulnerable to physical attacks are embedded devices. In the area of side-channel analysis, this thesis addresses attacks that exploit observations of power consumption or electromagnetic leakage of the device and target symmetric cryptographic algorithms. First, this work proposes a new combination of two well-known attacks that is more efficient than each of the attacks individually. Second, this work studies attacks exploiting leakage induced by microprocessor cache mechanism, suggesting an algorithm that can recover the secret key in the presence of uncertainties in cache event detection from side-channel acquisitions. Third, practical side-channel attacks are discovered against the AES engine of the AVR XMEGA, a recent versatile microcontroller. In the area of fault analysis, this thesis extends existing attacks against the RSA digital signature algorithm implemented with the Chinese remainder theorem to a setting where parts of the signed message are unknown to the attacker. The new attacks are applicable in particular to several widely used standards in modern smart card applications. In the area of countermeasures, this work proposes a new algorithm for random delay generation in embedded software. The new algorithm is more efficient than the previously suggested algorithms since it introduces more uncertainty for the attacker with less performance overhead. The results presented in this thesis are practically validated in experiments with general-purpose 8-bit AVR and 32-bit ARM microcontrollers that are used in many embedded devices.

Published

2011

6. Analysis and Improvement of the Random Delay Countermeasure of CHES 2009

Author

Coron, Jean-Sébastien, Kizhvatov, Ilya, Coron, Jean-Sébastien, and Kizhvatov, Ilya

Abstract

Random delays are often inserted in embedded software to protect against side-channel and fault attacks. At CHES 2009 a new method for generation of random delays was described that increases the attacker's uncertainty about the position of sensitive operations. In this paper we show that the CHES 2009 method is less secure than claimed. We describe an improved method for random delay generation which does not suffer from the same security weakness. We also show that the paper's criterion to measure the security of random delays can be misleading, so we introduce a new criterion for random delays which is directly connected to the number of acquisitions required to break an implementation. We mount a power analysis attack against an 8-bit implementation of the improved method verifying its higher security in practice.

Published

2010

7. Analysis and Improvement of the Random Delay Countermeasure of CHES 2009

Author

Coron, Jean-Sébastien, Kizhvatov, Ilya, Coron, Jean-Sébastien, and Kizhvatov, Ilya

Abstract

Random delays are often inserted in embedded software to protect against side-channel and fault attacks. At CHES 2009 a new method for generation of random delays was described that increases the attacker's uncertainty about the position of sensitive operations. In this paper we show that the CHES 2009 method is less secure than claimed. We describe an improved method for random delay generation which does not suffer from the same security weakness. We also show that the paper's criterion to measure the security of random delays can be misleading, so we introduce a new criterion for random delays which is directly connected to the number of acquisitions required to break an implementation. We mount a power analysis attack against an 8-bit implementation of the improved method verifying its higher security in practice.

Published

2010

8. An Efficient Method for Random Delay Generation in Embedded Software

Author

Coron, Jean-Sébastien, Kizhvatov, Ilya, Coron, Jean-Sébastien, and Kizhvatov, Ilya

Abstract

Random delays are a countermeasure against a range of side channel and fault attacks that is often implemented in embedded software. We propose a new method for generation of random delays and a criterion for measuring the efficiency of a random delay countermeasure. We implement this new method along with the existing ones on an 8-bit platform and mount practical side-channel attacks against the implementations. We show that the new method is significantly more secure in practice than the previously published solutions and also more lightweight.

Published

2009

9. Analysis of the split mask countermeasure for embedded systems

Author

Coron, Jean-Sébastien, Kizhvatov, Ilya, Coron, Jean-Sébastien, and Kizhvatov, Ilya

Abstract

We analyze a countermeasure against differential power and electromagnetic attacks that was recently introduced under the name of split mask. We show a general weakness of the split mask countermeasure that makes standard DPA attacks with a full key recovery applicable to masked AES and DES implementations. Complexity of the attacks is the same as for unmasked implementations. We implement the most efficient attack on an 8-bit AVR microcontroller. We also show that the strengthened variant of the countermeasure is susceptible to a second order DPA attack independently of the number of used mask tables.

Published

2009

10. Fault Attacks on RSA Signatures with Partially Unknown Messages

Author

Coron, Jean-Sébastien, Joux, Antoine, Kizhvatov, Ilya, Naccache, David, Paillier, Pascal, Coron, Jean-Sébastien, Joux, Antoine, Kizhvatov, Ilya, Naccache, David, and Paillier, Pascal

Abstract

Fault attacks exploit hardware malfunctions to recover secrets from embedded electronic devices. In the late 90’s, Boneh, DeMillo and Lipton introduced fault-based attacks on CRt-RSA. These attacks factor the signer’s modulus when the message padding function is deterministic. However, the attack does not apply when the message is partially unknown, for example when messages contain some randomness which is recovered only when verifying a correct signature. In this paper we successfully extends rsa fault attacks to a large class of partially known message configurations. The new attacks rely on Coppersmith’s algorithm for finding small roots of multivariate polynomial equations. We illustrate the approach by successfully attacking several randomized versions of the ISO/IEC 9796-2 encoding standard. Practical experiments show that a 2048-bit modulus can be factored in less than a minute given one faulty signature containing 160 random bits and an unknown 160-bit message digest.

Published

2009

11. Fault Attacks on RSA Signatures with Partially Unknown Messages

Author

Coron, Jean-Sébastien, Joux, Antoine, Kizhvatov, Ilya, Naccache, David, Paillier, Pascal, Coron, Jean-Sébastien, Joux, Antoine, Kizhvatov, Ilya, Naccache, David, and Paillier, Pascal

Abstract

Fault attacks exploit hardware malfunctions to recover secrets from embedded electronic devices. In the late 90’s, Boneh, DeMillo and Lipton introduced fault-based attacks on CRt-RSA. These attacks factor the signer’s modulus when the message padding function is deterministic. However, the attack does not apply when the message is partially unknown, for example when messages contain some randomness which is recovered only when verifying a correct signature. In this paper we successfully extends rsa fault attacks to a large class of partially known message configurations. The new attacks rely on Coppersmith’s algorithm for finding small roots of multivariate polynomial equations. We illustrate the approach by successfully attacking several randomized versions of the ISO/IEC 9796-2 encoding standard. Practical experiments show that a 2048-bit modulus can be factored in less than a minute given one faulty signature containing 160 random bits and an unknown 160-bit message digest.

Published

2009

12. Analysis of the split mask countermeasure for embedded systems

Author

Coron, Jean-Sébastien, Kizhvatov, Ilya, Coron, Jean-Sébastien, and Kizhvatov, Ilya

Abstract

We analyze a countermeasure against differential power and electromagnetic attacks that was recently introduced under the name of split mask. We show a general weakness of the split mask countermeasure that makes standard DPA attacks with a full key recovery applicable to masked AES and DES implementations. Complexity of the attacks is the same as for unmasked implementations. We implement the most efficient attack on an 8-bit AVR microcontroller. We also show that the strengthened variant of the countermeasure is susceptible to a second order DPA attack independently of the number of used mask tables.

Published

2009

13. An Efficient Method for Random Delay Generation in Embedded Software

Author

Coron, Jean-Sébastien, Kizhvatov, Ilya, Coron, Jean-Sébastien, and Kizhvatov, Ilya

Abstract

Random delays are a countermeasure against a range of side channel and fault attacks that is often implemented in embedded software. We propose a new method for generation of random delays and a criterion for measuring the efficiency of a random delay countermeasure. We implement this new method along with the existing ones on an 8-bit platform and mount practical side-channel attacks against the implementations. We show that the new method is significantly more secure in practice than the previously published solutions and also more lightweight.

Published

2009