52 Things: Number 45: Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for RSA.

52 Things: Number 45: Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for RSA.

52件事:第45件:描述RSA文献中提出的针对侧信道攻击的一些基本(可能无效)防御措施。

 

This is the latest in a series of blog posts to address the list of '52 Things Every PhD Student Should Know To Do Cryptography': a set of questions compiled to give PhD candidates a sense of what they should know by the end of their first year. This week we consider what can be done to mitigate the threat of side-channels against RSA implementations...
这是一系列博客文章中的最新一篇,旨在解决“每个博士生在做密码学时应该知道的52件事”:这是一组问题,旨在让博士生在第一年结束时了解他们应该知道什么。本周,我们将考虑如何减轻副通道对RSA实施的威胁。。。


To keep things simple in this post, we'll talk about so-called "vanilla" RSA (where no randomness is used in encryption) and highlight a small number of potential side-channel attacks along with countermeasures.
在这篇文章中,为了简单起见,我们将讨论所谓的“香草”RSA(加密中不使用随机性),并重点介绍少数潜在的侧通道攻击以及对策。


Let's start by recalling the vanilla RSA encryption scheme.
让我们首先回顾一下普通的RSA加密方案。

Key generation picks a secret pair of odd prime integers, p and q, and computes the modulus N=pq. An integer 3eϕ(N), coprime to ϕ(N), is chosen. Then the public key is the pair (N,e) and the secret key is the unique integer 3dϕ(N) such that ed1(modϕ(N)).
密钥生成选择一对秘密的奇数素数 p 和 q ,并计算模 N=pq 。选择一个与#4互质的整数#3。则公钥是对 (N,e) ,而密钥是唯一整数 3dϕ(N) ,使得 ed1(modϕ(N)) 。

To encrypt a message mZN, one computes me(modN).
要加密消息 mZN ,需要计算 me(modN) 。

To decrypt a ciphertext cZN, one computes cd(modN).
为了解密密文 cZN ,计算 cd(modN) 。


An SPA-Style Attack to Determine the Secret Key
一种确定密钥的SPA式攻击


We first give an example of how information about the secret key d could be leaked during the decryption operation. A typical implementation of exponentiation will be a branching program that behaves differently depending on the inputs. Consider, for example, the square and multiply algorithm which efficiently computes an exponentiation where the exponent is expressed in binary:
我们首先给出了一个关于密钥 d 的信息如何在解密操作期间被泄露的例子。幂运算的一个典型实现将是一个分支程序,它的行为取决于输入。例如,考虑平方和乘法算法,该算法有效地计算指数,其中指数以二进制表示:


Say d=0inbi2i where each bi{0,1}. Then,
说出 d=0inbi2i ,其中每个 bi{0,1} 。然后

cd=0incbi2i.
Noting that, if we ignore the bits bi, each factor in the product is the square of the previous factor, we can easily compute the product as follows:
注意,如果我们忽略比特 bi ,乘积中的每个因子都是前一个因子的平方,我们可以很容易地计算乘积,如下所示:

  • ANS1
  • facc
  • For 0in, do 对于 0in ,执行
    • If bi=1, 如果 bi=1 ,
      • ANSANS×fac
      • facfac2
    • Else, 其他的
      • facfac2
  • Return ANS. 返回 ANS 。
 
The algorithm behaves differently depending on whether each bi is 0 or 1. Therefore, if this algorithm is used to decrypt an RSA ciphertext, the time it takes or its power consumption could reveal the value of each bit bi, thus revealing the secret key d. This would be an SPA-style attack since only one trace would be needed.
根据每个 bi 是 0 还是 1 ,算法的行为不同。因此,如果使用该算法来解密RSA密文,则它所花费的时间或其功耗可以揭示每个比特#3的值,从而揭示密钥#4。这将是SPA式的攻击,因为只需要一个跟踪。


In order to prevent this kind of attack, one must make the two branches of the algorithm look the same to an attacker, i.e. have both branches of the square and multiply algorithm take the same amount of time to run or consume the same amount of power.
为了防止这种攻击,必须使算法的两个分支对攻击者来说看起来相同,即平方和乘法算法的两个子分支都需要相同的时间来运行或消耗相同的功率。


An SPA-Style Attack to Determine the Plaintext
确定明文的SPA式攻击


The above shows how the exponentiation operation used in decryption could compromise the secret key. But an attacker may be interested in a particular plaintext, m (after all, encryption is designed to keep such messages secret). Again, if the encryption operation is a branching program which depends on the value of m, the runtime or power consumption of a single encryption could leak information about m in an SPA-style attack. In particular, note that one has to perform a modular reduction in encryption. In most implementations, instead of a single reduction of a very large integer at the end of the exponentiation, there will be many modular reductions throughout the exponentiation algorithm in order to keep the numbers involved (relatively) small. As a slightly contrived example, suppose we perform modular reduction via the following loop:
上面显示了解密中使用的幂运算是如何泄露密钥的。但攻击者可能对特定的明文 m 感兴趣(毕竟,加密是为了对此类消息保密而设计的)。同样,如果加密操作是一个取决于 m 值的分支程序,那么在SPA式攻击中,单个加密的运行时间或功耗可能会泄露有关 m 的信息。特别要注意的是,必须对加密进行模块化缩减。在大多数实现中,不是在求幂结束时对一个非常大的整数进行单一的缩减,而是在整个求幂算法中进行许多模块化缩减,以保持所涉及的数字(相对)较小。作为一个略显做作的例子,假设我们通过以下循环执行模块化约简:


  • While ANS>N 而 ANS>N
    • ANSANSN
which, since the exponent is known in the case of encryption, leaks information about the base m depending on how long it takes to run and how much power it consumes (cf. David's post about attacks on Montgomery Arithmetic).
由于在加密的情况下指数是已知的,因此根据运行所需的时间和消耗的功率,它会泄露有关基 m 的信息(参见David关于攻击Montgomery算术的帖子)。


Again, to prevent this kind of attack we must ensure that our programme takes the same amount of time and consumes the same amount of power to reduce intermediate values modulo N, no matter what size they are (up to some upper bound which can easily be found since we know the exact exponent and range of values for the base).
同样,为了防止这种攻击,我们必须确保我们的程序花费相同的时间和消耗相同的功率来减少模 N 的中间值,无论它们的大小如何(高达一些上限,这很容易找到,因为我们知道基数的确切指数和值的范围)。


Preventing DPA-Style Attacks on the Secret Key
防止对密钥的DPA式攻击


Even if we obscure any branching in decryption that depends on d, the precise details of the operations performed in carrying out the exponentiations for decryption will still depend (in a less obvious way) on the exponent. So, over multiple decryptions, a statistical relationship between the decryption key and the duration or power consumption of the operations may emerge. Therefore we also need to prevent more subtle DPA-style attacks where the attacker uses statistical techniques on a large number of traces to test hypotheses on the secrect key.
即使我们掩盖了解密中依赖于 d 的任何分支,在执行解密的幂运算时执行的操作的精确细节仍将(以不太明显的方式)取决于幂。因此,在多次解密过程中,解密密钥与操作的持续时间或功耗之间可能会出现统计关系。因此,我们还需要防止更微妙的DPA式攻击,即攻击者在大量跟踪上使用统计技术来测试对secrect密钥的假设。


To do this, we have to remove the direct dependency between the secrect key and the calculation performed each time. This involves blinding, where some random noise is injected into the exponentiation operation without affecting the result. In the case of decryption, we introduce randomness in the exponent: while d is the unique multiplicative inverse of e in Zϕ(N) such that 3dϕ(N), we can add or subtract integer multiples of ϕ(N) to d and obtain a new inverse. So to decrypt cZN, select a random rZ and compute d=d+rϕ(N). Then compute the message cd(modN) which will be the same as directly computing cd(modN). The point is that addition is not usually a branching operation, so adding rϕ(N) to d will not leak information about d on a single trace, and using a new random r for each decryption prevents DPA-style attacks.
要做到这一点,我们必须消除secrect键和每次执行的计算之间的直接依赖关系。这涉及到盲法,在不影响结果的情况下,将一些随机噪声注入幂运算。在解密的情况下,我们在指数中引入随机性:而 d 是#2中 e 的唯一乘法逆,因此#3,我们可以将#4到 d 的整数倍相加或相减,从而获得新的逆。因此,要解密 cZN ,请随机选择 rZ 并计算 d=d+rϕ(N) 。然后计算消息 cd(modN) ,这将与直接计算 cd(modN) 相同。关键是加法通常不是分支操作,因此将 rϕ(N) 添加到 d 不会在单个跟踪上泄露关于 d 的信息,并且每次解密使用新的随机 r 可以防止DPA式的攻击。


Coppersmith's SPA-Style Attack to Determine the Plaintext
Coppersmith的SPA式攻击确定明文


We conclude this post with a special and interesting attack to determine m which is only possible when e is small (e=3 is a popular choice of exponent for efficiency of encryption). There is a theorem due to Coppersmith (see this article) that an attacker can efficiently find all 'small' integer roots modulo N of an integer polynomial f of degree e, where small essentially means having absolute value less than N1/e. Obviously if m happens to be small then one can use this to directly solve the equation mec(modN) as required to recover the plaintext. If not, but some of the most significant bits of m are leaked, then we may write m=mk+mu where mk is known and mu is small, obtaining an integer polynomial f(X)=(mk+X)ec whose small roots modulo N can be found via the Coppersmith method and correspond to the remaining bits of m. So we need to make sure that bits of m are not leaked by the encryption operation.
在这篇文章的结尾,我们用一个特殊而有趣的攻击来确定 m ,这只有在 e 很小的时候才有可能( e=3 是加密效率的常用指数选择)。Coppersmith提出了一个定理(见本文),攻击者可以有效地找到 e 次的整数多项式#4的模 N 的所有“小”整数根,其中小本质上意味着绝对值小于 N1/e 。显然,如果 m 恰好很小,则可以根据恢复明文的需要使用它来直接求解方程 mec(modN) 。如果不是,但是 m 的一些最高有效位被泄露,那么我们可以写 m=mk+mu ,其中 mk 是已知的, mu 是小的,获得整数多项式 f(X)=(mk+X)ec ,其小的根模 N 可以通过Coppersmith方法找到,并且对应于 m 的剩余位。因此,我们需要确保 m 的比特不会被加密操作泄露。


To counter this kind of attack, one again uses blinding: we introduce some randomness to m before exponentiating and remove it again afterwards. More precisely, to encrypt mZN, we select a random rZN, compute rm(modN), then (rm)e(modN) and finally multiply the result by rϕ(N)e (and reduce modulo N again). Obviously the ciphertext is the same as it would have been without blinding, but the leakage of the exponentiation operation is now independent of m.
为了对抗这种攻击,我们再次使用致盲:我们在指数化之前向 m 引入一些随机性,然后再次将其移除。更准确地说,为了加密 mZN ,我们选择一个随机的#2,计算#3,然后计算#4,最后将结果乘以 rϕ(N)e (并再次减少模 N )。显然,密文与没有盲法的情况下相同,但幂运算的泄漏现在与 m 无关。


This should give you a flavour of the kind of side-channel attacks that can be mounted on an encryption scheme and the way implementations can avoid them.
这应该会让您了解可以安装在加密方案上的侧通道攻击,以及实现可以避免这些攻击的方式。
posted @ 2024-04-13 13:33  3cH0_Nu1L  阅读(7)  评论(0编辑  收藏  举报