# Attacks on Implementations of Secure Systems

This is the handbook for the course “Attacks on Secure Implementations”, taught in 2020 at Ben-Gurion University by Dr. Yossi Oren.

Online course page: https://moodle2.bgu.ac.il/moodle/enrol/index.php?id=30088

For more information: https://iss.oy.ne.ro/Attacks

# Course materials

### Lecture 1 - Introduction

Videos:

- TEMPEST and secure communications, an attack on teletypewriter repeater machine. Part 1 (15 minutes);
- TEMPEST and secure communications, an attack on teletypewriter repeater machine. Part 2 (18 minutes);
- Examples of implementation attacks on other machines (11 minutes);
- Implementation attacks on secure devices (9 minutes);
- Between theory and implementation: System security, cryptographically secure algorithms and protocols, secure architectures (19 minutes);
- Breaking an implementation: The difference between theory and implementation (11 minutes);
- Constructing and using a threat model: Review of the victim assets and the attacker capabilities (19 minutes);
- Case studies: Review examples of attacks (23 minutes);

Basic reading is the first chapter of Coursebook; for further reading, see the paper about the TEMPEST; here’s Thomas Popp’s paper An Introduction to Implementation Attacks and Countermeasures; there’s also an Overview about Attacks on Smart Cards;

### Lecture 2 - Temporal Side Channels I

Videos:

- Countermeasures and their drawbacks (14 minutes);
- A history of temporal Side Channel (10 minutes);
- The definition of Temporal Side Channels (6 minutes);
- A timing attack on passwords part 1 (15 minutes);
- A timing attack on passwords part 2 (23 minutes);
- Countermeasures to timing attack on passwords: Examples of password checkers. (16 minutes);
- The Algebra behind RSA (16 minutes);
- Make RSA more efficient via LR and CRT (18 minutes);

Basic reading is the second chapter of Coursebook; for additional background reading on timing attacks, see A Practical Implementation of the Timing Attack; To read more about Montgomery’s Modular Multiplications, see Modular Multiplication Without Trial Division; there’s also an Overview about Attacks on Smart Cards; To delve more the math behind RSA, you can read Kaliski’s “The Mathematics of the RSA Public-Key Cryptosystem”;

### Lecture 3 - Temporal Side Channels II

Videos:

- Make RSA more efficient via Montgomery reduction (18 minutes);
- An example of a practical timing attack on RSA using Montgomery Reduction - A brief overview of a practical timing attack (9 minutes);
- The “Vaizata” method - an introduction - An introduction to the Vaizata method, with 5 basic steps: implementation assumption, guessing part of the key, formulating a hypothesis, measurements classification, and drawing out statistical meaning (16 minutes);
- The “Vaizata” Method in practice - PART 1 - A partial example of using the Vaizata method (12 minutes);
- The “Vaizata” Method in practice - PART 2 - The second part of the practical example to the Vaizata method, following each one of the 5 steps (18 minutes)
- The “Vaizata” Method - wrap up - The final video regarding the Vaizata method, with a statistical analysis demo using Matlab (23 minutes);
- Countermeasures to RSA timing attacks - How to mitigate and prevent timing attacks (Hiding, Masking, Blinding, Square and Always Multiply) (16 minutes)
- Bonus: timing attack paper - BlackHat2013 - A link to the 2013 BlackHat session on timing attacks featured by Paul Stone, where he introduces a number new techniques that use JavaScript-based timing attacks to extract sensitive data from browsers (6 minutes for the lecture video, 51 minutes for the YouTube video).

Basic reading is the 3rd chapter of our Coursebook. It starts with a recap and then introduces efficient implementations of modular exponentiations as described in Chapter 14 of The Handbook of Applied Cryptography; To read about a cheaper way for modular multiplication, you can learn about the Chinese Remainder Theorem; You can also read the 1998 paper “A Practical Implementation of the Timing Attack” that proposes improvements to Kocher’s idea that when the running time of a cryptographic algorithm is non-constant, timing measurements can leak information about the secret key; Then it discusses the Vaizata method, and it’s recommended you brush up on T-Tests, developed by Guinness head brewer, William Sealey Gosset;

### Lecture 4 - Power-EM Side Channels I

Videos:

- Basic electric circuit and Ohm’s Law - A brief overview/refresh for Ohm’s Law (20 minutes);
- Open and Short Circuits - An overview on short circuits and open circuits (14 minutes);
- Introdcution to transistors(and other electronic components) (15 minutes);
- Sequential circuits based on FET(10 minutes);
- Computational circuit based on FET - CMOS - Demonstrating combinational circuits and logic gates (17 minutes);
- Power consumption: Representation and computation - How attackers can exploit device clock frequency, circuit activity, and power consumption to gain knowledge about the device for their own benefit (9 minutes);
- Types of noise & power consumption vs EM - Introducing the 3 different types of Noise, and a short explanation on drawing measurements via Electro Magnetism (11 minutes);
- Attacker setup explanation & demonstration - Exploring a Power-EM attacker setup (10 minutes);

Basic reading is chapter 4 of the Coursebook, that starts with an introduction to electric circuits and the involved components, Ohm’s Law, logic gates and calculating the power consumption on a CMOS device using the Hamming Distance Model;

### Lecture 5 - Power-EM Side Channels II

Videos:

- The New York Times 1998 - Paul Kocher - Revisiting an attack from the 1995 on Smart Cards (10 minutes);
- MC, ASIC & FPGA (10 minutes);
- Simple power analysis of RSA (13 minutes);
- Simple Power Analysis Main idea (17 minutes);
- Basic MC - Virgulator (17 minutes) - Introducing the Virgulator - a Javascript-implemented micro controller simulator;
- The history of AES (17 minutes);
- AES - Main theme - Exploring the AES/Rijndael encryption standard, it’s strengths and steps. (23 minutes);

The basic reading is Chapter 5 of the Coursebook up to around 5.12 “AES Internals”; It starts by Kocher’s 1995 smart card power analysis attack that made it to the front page of The New York Times. It then further explores Power Analysis side-channel Attacks, simple power analysis, low and high data complexity attacks (sub-classes of power analysis attacks) and the types of devices commonly targeted by such attacks (microcontrollers and ASIC), AES power analysis attack.

### Lecture 6 - Power-EM Side Channels III

- Simple power analysis on AES - Plan A - Delving into 1 of 2 ways to performing a power analysis of AES. First, by capturing a power trace, then recovering the state bytes from that trace, and then using the state bytes to recover the key. (20 minutes);
- Simple power analysis on AES - Plan B - Delving into the 2nd of 2 ways of performing a power analysis of AES. First, by capturing a power trace, then recovering the Hamming Weight from that trace, and then using the Hamming Weights to recover the key. (23 minutes);

The basic reading is Chapter 5 of the coursebook, from 5.10 The Advanced Encryption Standard, that explores the steps of AES and their leaky nature that can be used for a power analysis attack to recover the key.

### Guest Lecture [Part 1] - Stjepan Picek - CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel

- CSI NN(Reverse NN via EM) - part 1 - An intro about how timing attacks can be used for reverse engineering machine learning modules to obtain sensitive information about the involved datasets (20 minutes);
- CSI NN(Reverse NN via EM) - part 2 - Exploring which information is required to execute such attacks, and which operations in the model are targeted (22 minutes);
- CSI NN(Reverse NN via EM) - part 3 - Delving into the reverse engineering process on a Neural Network (9 minutes);
- CSI NN(Reverse NN via EM) - part 4 - Examining results of attacks (16 minutes);

### Guest Lecture [Part 2] - Stjepan Picek - Machine Learning and Implementation Attacks

- SCA via Deep Learning - part 1 - Discussing different types of profiled attacks and Neural Network architecture (19 minutes);
- SCA via Deep Learning - part 2 (16 minutes);

### Lecture 7 - High Data Complexity Attacks Power-EM I

Videos:

- Recap - Attacks on AES - A recap of RSA and AES attacks (13 minutes);
- Recap - Attacks on RSA - A recap of RSA and AES attacks (15 minutes)
- High data complexity Attacks - Discussing the main idea of high data complexity attacks (DPA/CPA) (15 minutes);
- DPA With Vaizata - Revisiting the Vaizata method and how to use it with DPA (13 minutes);
- DPA With Vaizata On AES - Matlab(part 1) - Demonstrating Vaizata with DPA on Matlab (16 minutes);
- DPA With Vaizata On AES - Vaizata with DPA demo - Examining the results (12 minutes);
- DPA With Vaizata On AES - Matlab(part 2) (19 minutes);
- DPA With Vaizata On AES (18 minutes);

Basic reading is Chapters 7 and 8 of the Coursebook; Whereas chapter 5 mainly focused on low data complexity attacks (with few traces), chapter 7 focuses on high data complexity attacks, aka DPA and CPA (many, many traces). It revisits the Vaizata method and how it can be used for high data complexity attacks, similarly to timing attacks (this time the assumption is that the power consumption is depended on the key). At 7.2 we demonstrate an attack on AES using example data from the Power Analysis Attacks book and visualize the process.

### Lecture 8 - Micro-Architectural Side Channels

Videos:

- The Cache - Hierarchy and Structure - Discussing the need for caches, their structure, mapping policy and hierarachy and (20 minutes);
- Prime + Probe Cache Attack - An explanation of the Prime + Probe cache attack (9 minutes);
- Spectre - Toy Example - Discussing the Spectre vulnerability (9 minutes);
- From Prime + Probe To Spectre - Demonstrating Spectre vulnerability using the Virgulator emulator (11 minutes);
- Defining Micro-Architectural Attacks - Discussing Micro-Architecture attacks between processes (19 minutes);

Basic reading is chapter 6 of the coursebook that deals CPU Caches and Cache attack techniques; For further reading on cache attacks, see Colin Percival’s Cache Missing For Fun And Profit; The chapter also introduces 2 main cache attack techniques: Flush+Reload and Prime+Probe; For further reading about the hash function can be reverse engineered, see Reverse engineering intel last-level cache complex addressing using performance counters. ; Finally, there is a step-by-step Flush+Reload cache attack (as presented in Gruss, Spreitzer and Mangard’s “Automating attacks on inclusive last-level caches” and on Yarom and Faulkner’s “A high resolution, low noise, L3 cache side-channel attack” demonstration to retrieve the user’s keystroke timestamps in a gedit program. The Github repository can be found here.

### Lecture 9 - Fault Attacks I

Videos:

- Definition of Fault Attacks - Defining Fault Attacks, which are active attacks for extracting information from devices by breaking them (12 minutes);
- FA Example - Unlooper (1997) - Discussing unloopers which were smartcards intended to cause the card to skip one or more instructions by applying a “glitch” in some form to the power or clock signal(8 minutes);
- Fault Attack Taxonomy - Further discussion of Fault Attacks, fault methods, and targets(25 minutes);

This lecture is based on chapter 9 of the coursebook “Fault Attacks”, which is an active attack that allows the attacker to extract information from a device by breaking it. It goes on to discuss different kinds of fault methods (power supply attacks, timing attacks, temperature attacks, and more), further giving examples of classic fault attacks targeting the control flow: Canon camera blinking, and Unloopers. We then examine a fault attack on RSA-CRT as presented by Boneh and Lipton in On the importance of eliminating errors in cryptographic computations;

### Lecture 10 - Fault Attacks II

- Introduction to Biham Shamir Fault Attack - texty texty text (20 minutes);
- Biham Shamir Fault Attack Explained - texty texty text (20 minutes);
- Introduction to The Boneh, DeMillo, Lipton Fault attack - RSA-CRT - texty texty text (20 minutes);
- The Theory of The Boneh, DeMillo, Lipton Fault attack - texty texty text (11 minutes);
- The Boneh, DeMillo, Lipton Fault attack in practice - texty texty text (15 minutes);
- The Theory of Rowhammer - texty texty text (17 minutes);
- Rowhammer in Practice - texty texty text (14 minutes);
- DVFS - Dynamic Voltage and Frequency Scaling - texty texty text (12 minutes);

*Hi, Yossi here. I forgot to ask for a summary for lecture 10, and there we are with the texty texts. Maybe you can help by issuing a pull request?*

This lecture is based on chapter 9 of the coursebook “Fault Attacks”. Papers covered include Kim et al.’s “Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors”, Razavi et al.’s “Flip Feng Shui: Hammering a Needle in the Software Stack”, Tang et al.’s “CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management”, Schmidt and Hutter’s “Optical and EM Fault-Attacks on CRT-based RSA: Concrete Results”, Boneh DeMillo and Lipton’s “On the Importance of Eliminating Errors in Cryptographic Computations”, Murdock et al.’s “Plundervolt: Software-based Fault Injection Attacks against Intel SGX”, and Biham and Shamir’s “Differential fault analysis of secret key cryptosystems”.

## How To Compile The Handbook

### Windows

#### Toolchain Installation

- Install MikTex from: https://miktex.org/download (with default settings). NOTE that although Tex Live is supposedly a decent alternative to MikTex on windows - attempts to use it for compiling the book failed miserably.
- Install Perl from: http://strawberryperl.com/
- [Optional but Recommended] Install VSCode and the
**LaTeX Workshop**extension to be able to compile from VSCode. - [Optional but Recommended] Install the
**LaTex language support**VSCode extension to ease editing in VSCode.#### Full book Compilation

- From VSCode: open UniversityCourseBookAOI.tex, click on the “TEX” icon in the left sidebar, run the “Build LaTeX project” command.
- Without VSCode: run
`latexmk`

from the root directory of the book repository

Other operating systems: just run `latexmk`