Paper 2017/968

Template Attack on Blinded Scalar Multiplication with Asynchronous perf-ioctl Calls

Sarani Bhattacharya, Clementine Maurice, Shivam Bhasin, and Debdeep Mukhopadhyay

Abstract

In recent years, hardware performance counters have been used as a side-channel source for observing branch mispredictions, which has allowed ciphers to be attacked with only user privileges. Existing work, however, treats blinding techniques such as scalar blinding and scalar splitting as a mechanism that thwarts such attacks. In this work, we reverse engineer the undisclosed model of the branch predictor on Intel's Broadwell and Sandy Bridge microarchitectures, and further use the largely unexplored perf ioctl calls in sampling mode to monitor branch prediction events asynchronously, at fine granularity, while a victim cipher is executing. With these artifacts in place, we target the scalar blinding and splitting countermeasures and develop a key retrieval process that we call Deduce & Remove. The Deduce step uses templates based on the number of branch misses expected from the 3-bit model of the BPU to infer the matching candidate values. In the Remove step, we correct any erroneous deductions by using the properties of the blinding technique under attack. It should be emphasized that, since in an iterated attack the cost of a mistaken deduction can be significant, the blinding techniques actually aid in removing wrong guesses and, in a way, auto-correct the key retrieval process. Finally, detailed experimental results illustrate all of the above steps for point blinding, scalar blinding, and scalar splitting, showing that the secret scalar can be recovered correctly with high confidence. The paper concludes with recommendations on suitable algorithm-level countermeasures to thwart such attacks.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Scalar Multiplication, Scalar Splitting, Scalar Blinding, 3-bit predictor
Contact author(s)
tinni1989 @ gmail com
History
2017-10-03: received
Short URL
https://ia.cr/2017/968
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/968,
      author = {Sarani Bhattacharya and Clementine Maurice and Shivam Bhasin and Debdeep Mukhopadhyay},
      title = {Template Attack on Blinded Scalar Multiplication with Asynchronous perf-ioctl Calls},
      howpublished = {Cryptology ePrint Archive, Paper 2017/968},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/968}},
      url = {https://eprint.iacr.org/2017/968}
}