For any computing system to be secure, both hardware and software have to be trusted. If the hardware layer in a secure system is compromised, not only it is possible to extract secret information about the software, but it is also extremely difficult for the software to detect that an attack is underway.
This talk will detail a complete end-to-end security attack to on a microprocessor system and will demonstrate how hardware vulnerabilities can be exploited to target systems that are software-secure. Specifically, we present a side-channel attack to the RSA signature algorithm by leveraging transient hardware faults at the server. Faults may be induced via voltage-supply variation, temperature variation, injection of single-event faults, etc. When affected by faults, the server produces erroneous RSA signatures, which it returns to the client. Once a sufficient number of erroneously signed messages is collected at the client end, we filter those that can leak private key information and we use them to extract the private key. We developed an algorithm to extract the private RSA key from messages affected by single-bit faults in the multiplication during Fixed Window Exponentiation (FWE), that is, the standard exponentiation algorithm used in OpenSSL during RSA signing. Our algorithm was inspired by a solution developed by Boneh, et al. for the Chinese Remainder Theorem (CRT) [D. Boneh, R. DeMillo, and R. Lipton. On the importance of eliminating errors in cryptographic computations. Journal of Cryptology, Dec 2001], an algorithm particularly prone to attacks. Depending of the window size used in the encryption algorithm, it is possible to extract 4-6 bits of the private key from an erroneously signed message.
Our attack is perpetrated using a FPGA platform implementing a SPARC-based microprocessor running unmodified Linux and the OpenSSL authentication library. The server provides 1024-bits RSA authentication to a client we control via Ethernet connection. Faults are injected by inducing variations in the supply voltage on the FPGA platform or by subjecting the server to high temperatures. Our client collects a few thousands signed messages, which we transfer to an 80-machines computing pool to compute the private RSA key in less than 100 hours.
Note that our attack does not require access to the victim system's internal components, but simply proximity to it. Moreover, it is conceivable that an attack leveraging solely high temperatures can be carried out on machines in a remote poorly-conditioned server room. Finally, the attack does not leave any trail of the attack in the victim machine, and thus it cannot be detected.
The presentation includes a live demo of the attack on an FPGA platform implementing a SPARC system. The system is powered via a voltage controller, used to induce variations in the supply voltage. The server is simplified to use a 128-bits private key so that the attack can be perpetrated during the briefing.
Valeria Bertacco is an Associate Professor of Electrical Engineering and Computer Science at the University of Michigan. She is currently spending her sabbatical at the Addis Ababa Institute of Technology. Her research interests are in the area of design correctness, with emphasis on full design validation, digital system reliability and hardware security assurance. Valeria joined the faculty at Michigan after being in the Advanced Technology Group of Synopsys for four years as a lead developer of Vera and Magellan, two popular verification tools. Valeria serves in several conference program committees, including DATE and DAC and she the author of three books on design errors and validation. She received her M.S. and Ph.D. degrees in Electrical Engineering from Stanford University in 1998 and 2003, respectively; and a Computer Engineering degree ("Dottore in Ingegneria") summa cum laude from the University of Padova, Italy in 1995. Valeria is the recipient of the IEEE CEDA Early Career Award, an IBM faculty award, an NSF CAREER award, and the Air Force Office of Scientific Research's Young Investigator award.