ФГУП «НПП «Гамма»
“KUZNYECHIK” Optimized Implementations on FPGA and Microcontrollers and their DPA Analysis Resistance
Cédric DELAUNAY, ESIEA, (C + V) ^ O Lab, France Делоне Седрик, ESIEA, (C+V)^O Lab, Франция
Alexander Alexandrovich ISTOMIN, “NPP “GAMMA”, Russia Истомин Александр Александрович, ФГУП «НПП «ГАММА», Россия Eric FILIOL, ESIEA, (C + V) ^ O Lab, Laval, France Фийол Эрик, ESIEA, (C+V)^O Lab, Лаваль, Франция XXI - RUSCRYPTO 2019 20.03.2019 COOPERATION / КООПЕРАЦИЯ 20.03.2019
ESIEA FSUE “SIE “GAMMA”
(C + V) ^ O Lab. Federal State Unitary Enterprise Resistance Laboratory of Operational Scientific and Industrial Enterprise Cryptology and Virology,
“GAMMA”, Analysis
France Russian Federation & DPA & ESIEA ФГУП «НПП «ГАММА» (C + V) ^ O Lab. Федеральное Государственное Лаборатория оперативной Унитарное Предприятие
Криптологии и Вирусологии, «Научно-производственное предприятие Implementations Франция «ГАММА»,
Россия
Optimized
- KUZNYECHIK KUZNYECHIK 2 Presentation Outline 20.03.2019
1. “Kuznyechik” et al.
2. Securing the Implementation
3. CPA and DPA – Attacks and Resistance
4. Results and Conclusions
5. Where to next ?
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 3 Initial context and stakes 20.03.2019
• Study the symmetric GOST R 34.12-2015 aka “Grasshopper” Block cipher algorithm.
• Provide different implementations for FPGA and Microcontrollers
• Check the resistance of the algorithm and its implementations to CPA and
DPA attacks.
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 4 20.03.2019
« Kuznyechik » et al. Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
About Grasshoppers and Waffles - KUZNYECHIK KUZNYECHIK 5 “Kuznyechik” (GOST R 34.12-2015)* 20.03.2019
• Russian Standard, adopted 01/2016 • Symmetric Block Cipher algorithm • 128 bits Block size • 256 bits Key length • 10 sub-keys of 128 bits • Substitution-Permutation Network • Feistel Network for Key Schedule • 10 Rounds / 3 functions per round Non-linear Plaintext XOR with Sub Linear XOR with last permutation Key i Transformation Sub Key Ciphertext
(S-Box)
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized - 9 identical
rounds KUZNYECHIK KUZNYECHIK
(*): for all those in hibernation for the last 5 years 6 “Kuznyechik” (GOST R 34.12-2015)* 20.03.2019
• Linear permutation L :
where:
and
where :
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK
(*): for all those in hibernation for the last 5 years 7 The AES Cipher as brief reminder 20.03.2019
• NIST Standard, adopted 2001 * • Symmetric Block Cipher algorithm • 128 bits Block size • 128, 192 or 256 bits Key length • 14 sub-keys of 128 bits
• Substitution-Permutation Network Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized • 14 Rounds / 4 functions per round -
(for 256 bit key length) KUZNYECHIK KUZNYECHIK
(*): Belgian Waffle – our avatar for the AES 8 Cipher Kuznyechik on FPGA 20.03.2019
• Several variants where conceptualized and implemented
• Here the results of the first implementations:
Encryption DELAY depending on the compactness of the model Encryption SPEED depending on the compactness
of the model
)
MBps
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
-
Delay (ns) Delay
Encryption Speed ( Encryption KUZNYECHIK KUZNYECHIK
Compactness in Look Up Tables (LUTs) Compactness in Look Up Tables (LUTs) 9 20.03.2019
Securing the
Implementation Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized Вежливые Зелёные Кузнечики -
« It’s not easy being green » KUZNYECHIK KUZNYECHIK 10 Threat Matrix 20.03.2019 SIGINT / MEASINT • What do we face ? Power Consumption Analysis - Attack
Fault Injection
- Voltage Glitch - Temperature - hν (Laser,…) Side-Channel […] !!! Microprobing Analysis
Active Passive
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized -
Invasive Non - Invasive KUZNYECHIK KUZNYECHIK HUMINT Physical Attacks 11 Securing the Implementation 20.03.2019
How can we protect ourselves against these attacks? Resistance
Enacting Analysis
HARDWARE and SOFTWARE & DPA &
Countermeasures Implementations
• Random Delay Insertion • Masking
Optimized - • Noise Generator • Dual-Rail with Precharge Logic
• Shuffling KUZNYECHIK KUZNYECHIK Chosen Solution ! 12 Securing the Implementation 20.03.2019
How does the masked “Kuznyechik”-Implementation work ?
Random Mask Generation
XOR between the Plaintext and the mask before encryption (or decryption)
Unmasking at the end of the encryption (or decryption)
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 13 Securing the Implementation 20.03.2019
• Masking AES-256 works the same way
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 14 Securing the Implementation 20.03.2019
• Comparison between implementations: (Reference Platform XILINX Artix7 (Speedgrade -1) )
Implementatio “Kuznyechik “Kuznyechik” AES-256 n: ” Standard Masked Standard LUTs: 8810 10106 4846 Latches: 2167 2697 4540
Maximum 28.5 MHz 28.5 MHz 28.5 MHz Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
Frequency: - Delay: 1526.2 ns 1596.2 ns 1920.0 ns
Encryption rate 83.9 Mbps 80.8 Mbps 66.7 Mbps KUZNYECHIK KUZNYECHIK 15 Preview of the CPA Theory 20.03.2019
• Leakage Model
Attacked Component
N Plaintexts Secret Key K N Ciphertexts
Mathematical N Leaks Most likely Distinguisher key Leakage
Model Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized M Key - N’ N’ Ciphertexts
Plaintexts possibilities KUZNYECHIK KUZNYECHIK
Theoretica l Leaks 16 20.03.2019
CPA and DPA
Attacks and Resistance Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
…after that, the NSA, the CIA,… - KUZNYECHIK KUZNYECHIK 17 DPA Setup in FPGA 20.03.2019
• XILINX Artix 7 XC7A35T & XC7A100T
RX_data_out
128-bit input Data_ready Sub-key RX UART Receiver RX_done_tick buffer Scheduler
Sub_keys
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized - TX_data_in Ciphertext
TX_start 128-bit output Start_transmit UART Transmitter Encryption Block TX buffer
TX_done Transmit_done KUZNYECHIK KUZNYECHIK
GOST R 34.12-2015 “KUZNYECHIK” 18 Power Measurement 20.03.2019
• Direct measurement at the source
• Usually through a shunt resistor in the Power supply line
The voltage at measured at the resistor is linear proportional to the current through the circuit […] add fp, sp, #0 sub sp, sp, #20 str r0, [fp, #-16] mov r3, #0 str r3, [fp, #-8] b .L2 .L3: ldr r3, [fp, #-8] add r3, r3, #1
str r3, [fp, #-8] Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
ldr r3, [fp, #-16] - mov r3, r3, asr #1 str r3, [fp, #-16] .L2: ldr r3, [fp, #-16] cmp r3, #0 bgt .L3 ldr r3, [fp, #-8]
mov r0, r3 KUZNYECHIK add sp, fp, #0 ldmfd sp!, {fp} bx lr […] 19 EM-Field Measurement 20.03.2019
• Indirect measurement
• Current through conductor = magnetic field
• Measured through an H-Probe
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized - H-Probe Constructions
: KUZNYECHIK KUZNYECHIK 20 Hardware Setup 20.03.2019
• Data Acquisition Equipment (France) Power measurement through shunt on Microcontroller Power measurement through H-Probe on Artix Devboard
Data Acquisition Device CW1200
ChipWhisperer CW1200
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK
Target FPGA Board H-Probe + LNA 21 Hardware Setup 20.03.2019
• Data Acquisition Equipment – Russia
• Two Labs with ChipWhisperer CW1173 and special FPGA Target Board Power measurement through shunt on Microcontroller
Power measurement through shunt on low noise FPGA Board XC7A100T
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 22 Standard CPA with AES (trivial) 20.03.2019
Complete AES Signature (1 trace):
Detail:
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 23 Standard CPA with AES (trivial) 20.03.2019
• An algorithm can be mathematically strong but very weak in hardware implementations without countermeasures
Key found with only
50 traces
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 24 “Kuznyechik” Traces on Microcontroller 20.03.2019
• Full trace
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 25 Masked – Kuznyechik on FPGA 20.03.2019
• Masked / Non- Masked implementations have very similar signatures
• Here are 10+ traces superimposed (unsynchronized)
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 26 Masked – Kuznyechik on FPGA 20.03.2019
• Annotated Single Trace
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 27 20.03.2019
Results & Conclusions
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 28 Results 20.03.2019
• Working set: 100 000 traces (4000 sample points / trace ) acquired.
• Tested attacks:
Rounds : 1st round / 10th round / 9th round with 10th known key
Leakage models : Hamming Distance (DPA) & Hamming Weight (CPA)
Mathematical Distinguisher : Pearson correlation coefficient
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 29 Results 20.03.2019
Despite the acquisition of a large number of traces, no subkeys could be extracted from a “Kuznyechik” encryption process. No "usual" model, working on AES, DES, 3DES or RSA made it possible to determine one of the subkeys.
Even if a sub key were discovered, there would still be a problem:
. Subkeys are generated in pairs, so 2 subkeys are needed to recover the master key (instead of one for
AES !)
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized - Key Scheduling formula :
Where KUZNYECHIK 30
Results 20.03.2019 Resistance
• Four optimized implementations (2x FPGA + 2x Microcontroller) have been Analysis developed, allowing to compare the “Kuznyechik” (GOST R 34.12-2015) algorithm
and AES. DPA &
• However, even if security elements have been addressed, it is impossible to say whether or not this algorithm is sensitive to DPA / CPA attacks.
• Less “traditional” methods, Implementations such as attacks involving the use of Machine Learning (ML), should be
considered.
Optimized -
• Or maybe … KUZNYECHIK KUZNYECHIK 31 20.03.2019
Where to next ? Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
Кто виноват ? Что делать ? - KUZNYECHIK KUZNYECHIK 32 3D - Leakage Cartography 20.03.2019
• 2D + Time !
• Works better with chip decapping !
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 33 3D - Leakage Cartography 20.03.2019
• Very precise X-Y Plotter Table (special Construction)
• Micro H-Probe / Micro H-Probe Array (ev. E-Probe)
• Work in progress !
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 34 Caveats ? 20.03.2019
• Very High Analysis Cost ! Pessimistic : (X*Y : X*Y) * Traces
• Not very usable for small implementations Small attack surface
• Targeted for high speed implementations using most FPGA gate area
• Semi-invasive / full invasive technique ( a little ! )
Optimized Implementations & DPA Analysis Resistance Analysis DPA & Implementations Optimized
- KUZNYECHIK KUZNYECHIK 35 Thank you for your attention !
Cédric DELAUNAY, Делоне Седрик, ESIEA, (C + V) ^ O Lab, France ESIEA, (C+V)^O Lab, Франция [email protected] [email protected]
Alexander Alexandrovich ISTOMIN, Истомин Александр Александрович, FSUE “SIE “GAMMA”, Russia ФГУП «НПП «ГАММА», Россия [email protected] [email protected]
Eric FILIOL, Фийоль Эрик, ESIEA, (C + V) ^ O Lab, Laval, France ESIEA, (C+V)^O Lab, Лаваль, Франция [email protected] [email protected]
ФГУП «НПП «Гамма»
XXI - RUSCRYPTO 2019 36 20.03.2019