Paper 2017/968
Template Attack on Blinded Scalar Multiplication with Asynchronous perf-ioctl Calls
Sarani Bhattacharya, Clementine Maurice, Shivam Bhasin, and Debdeep Mukhopadhyay
Abstract
In recent years, performance counters have been used as a side channel source for the branch mispredictions which has been used to attack ciphers with user privileges. However, existing research considers blinding techniques, like scalar blinding, scalar splitting as a mechanism of thwarting such attacks. In this endeavour, we reverse engineer the undisclosed model of Intel’s Broadwell and Sandybridge branch predictor and further utilize the largely unexplored perf ioctl calls in sampling mode to granularly monitor the branch prediction events asynchronously when a victim cipher is executing. With these artifacts in place, we target scalar blinding and splitting countermeasures to develop a key retrieval process using what is called as Deduce & Remove. The Deduce step uses template based on the number of branch misses as expected from the 3-bit model of the BPU to infer the matched candidate values. In the Remove step, we correct any erroneous conclusions that are made, by using the properties of the blinding technique under attack. It may be emphasized that as in iterated attacks the cost of a mistaken deduction could be significant, the blinding techniques actually aids in removing wrong guesses and in a way auto-corrects the key retrieval process. Finally, detailed experimental results have been provided to illustrate all the above steps for point blinding, scalar blinding, and scalar splitting to show that the secret scalar can be correctly recovered with high confidence. The paper concludes with recommendation on some suitable countermeasure at the algorithm level to thwart such attacks.
Metadata
- Available format(s)
- Publication info
- Preprint. MINOR revision.
- Keywords
- Scalar MultiplicationScalar SplittingScalar Blinding3-bit predictor
- Contact author(s)
- tinni1989 @ gmail com
- History
- 2017-10-03: received
- Short URL
- https://ia.cr/2017/968
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2017/968, author = {Sarani Bhattacharya and Clementine Maurice and Shivam Bhasin and Debdeep Mukhopadhyay}, title = {Template Attack on Blinded Scalar Multiplication with Asynchronous perf-ioctl Calls}, howpublished = {Cryptology {ePrint} Archive, Paper 2017/968}, year = {2017}, url = {https://eprint.iacr.org/2017/968} }