Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

File

advertisement 
AcceSys Technology
11/30/2012
SCATEboard Walkthrough Task 2.1
SCATEboard is a DARPA CFT funded project to evaluate device hardening against
Side Channel Attacks (SCA). These attacks were published in 1997 by Paul
Kosher from Cryptography Research Inc. The attacks in the paper included
Power Attacks and Timing Attacks. More advanced attacks like Electro-Magnetic
(EM) Attacks and Acoustic Attacks have been added to the list over the years
as well as ways of defeating them. The attacks are significant due to them
involving physical processes of the system. The devices’ hardware would need
to be redesigned to protect against such attacks.
There is no standard, as of yet, to test these devices. However, there are
commercial services available (RisCure Inspector) for manufacturers to
evaluate the device against all side channels.
Side Channel Attack Test Evaluation Board (SCATEboard) allows manufacturers
or anyone to implement and evaluate a device against Side Channels with a
very small learning curve. It will be open-source and available to both the
research community and any party interested in Side Channel Analysis.
SCATEboard Task 2.1 is a Windows Program that allows you to try your hand at
some DPA attacks against some traditional cryptographic algorithms like DES,
RSA and AES.
Walkthrough
Basic Setup involves a PicoScope (should be 5000 or 6000 series for attacks)
Oscilloscope to, an FPGA Attacker and a Victim. In this walkthrough we will
be using the Nexys 2 board for the Attack and the Spartan-3E board for the
Victim. We will also be using a Windows 8 operating system, but the process
is the same from Windows XP, Vista and 7.
Step 0: Download the Source Files
Step 1: Connect the Victim (Spartan3E) Board to the Evaluation PC (and Power)
Step 2: Install Xilinx ISE Webpack or iMPACT (Free)
iMPACT is still used to program the tool chain for both the attacker and
victim. This is because this would be more familiar with the embedded
community. We would like to move to a more automated command-line equivalent
of the iMPACT or a direct program interface. However, it depends on how the
user wrote his or her own VHDL and programming file for the FPGA. Therefore,
in the interest of dealing with edge-cases and unknown errors, SCATEboard
just relies on iMPACT to program the FPGA.
AcceSys Technology
11/30/2012
Step 3: Run Scateboard_Gui.exe
This GUI features a Help and
About page for completion.
The Help page is a small
checklist of instructions on how
to run a DPA attack using the
GUI. While the About page only
shows the copyright information
on SCATEboard. This is v1.0 so
there is bound to be some
improvements in the near future.
SCATEboard GUI also features a nice file list on the
side as well as a text editor. The text editor
serves no purpose other than to allow the user to write and modify the attack
vector file and list file. These will be used in the Run functions.
Step 4: Create New Project
Click “File” then “New
Project”. This should open
a wizard-ish window to
allow you to enter the project name,
directory to use, and information about the
algorithm. Be sure that the information is
correct because it was designed for all
traditional algorithms (namely RSA, AES, and
DES). Also make sure the directory exists.
For this example we will use AES Algorithm.
Fill out the information as seen in the picture. Enter 10 Rounds, 128 Block
AcceSys Technology
11/30/2012
Length, 16 S-boxes, 8 bits Input of S-boxes, 16 S-box Rows and Columns. Click
“Next” and wait a while as the S-box Definition form gets generated. This
will take a while. After the form is visible, quickly tick the “All SBOXs are
the same” to remove the extra sbox definitions. Note: Other Algorithms such
as DES have a different S-box definition for their 8 S-boxes. RSA does not
use any S-boxes so is not currently supported. RSA would need sensitivity to
number of times the multipliers operations are executed.
Please input all the values you see or open the preloaded project. The first
and second values are 63 and 7C respectively. After completing the
definitions, press “Finish” to complete defining the new project.
Step 5: Connect the Picoscope
Step 6: Add Attack File and Run Capture
In this step we will try to run the capture of samples
(similar to Task 1 GetSamples.exe). This requires first
adding or defining the attack file. Be sure to use the “.atk” extension when
searching for the attack file or when writing your own. Make sure the size of
the input vector is exactly the same as you defined in the project
definition. Please also note that you should be in the habit of saving your
AcceSys Technology
11/30/2012
project regularly before running capture otherwise old samples may be written
by new samples that are not as
correct. Please have the Picoscope
software installed on your evaluation
PC otherwise it will fail on launch.
After adding
the attack
file, select it
and click on
“Run” and then “Run Capture”. Ensure
you have the epp.exe (from Task 1.2)
file in your project or it will ask
you to locate it.
The power samples should automatically
be added to the project. And be available to view. These power samples
contain a list of doubles ready for analysis. You will not be able to modify
these through SCATEboard GUI. Any modification won’t be saved. To save a
modification to a file, click it, edit it in the text editor field and press
the “Add” on top of the field.
Step 6: Add List File and Run Analysis
Add the list file in the same way you add the attack file. In this case, the
extension is “.lst” instead. Then select your list file as well as the
samples and click “Run Analysis”.
The Analysis should usually go without a hitch and return to you the possible
key visible down below. If the certain S-box was not targeted, it will show
as “00”.
AcceSys Technology
11/30/2012
Significance
SCATEboard is now able to take in a traditional cryptographic algorithm that
uses substitution boxes for non-linearity and attack it with DPA. All steps
are easily accessible with the GUI and will serve as a platform to take in
Custom designed algorithm APIs for Task 2.2. This User Interface also stores
projects so that future testing does not impede on previous results and
everything is neatly kept in the project directory.
Related documents
Revenge-Seeking Behaviors
Revenge-Seeking Behaviors
Download PDF - Echo Photo Agency
Download PDF - Echo Photo Agency
slides - Stanley Bak
slides - Stanley Bak
Computer Security: Principles and Practice, 1/e
Computer Security: Principles and Practice, 1/e
Side-Channel Resistant Cryptography on FPGAs
Side-Channel Resistant Cryptography on FPGAs
dos_nanog
dos_nanog
Lecture 3
Lecture 3
Differential Power Analysis: A Serious Threat to FPGA Security
Differential Power Analysis: A Serious Threat to FPGA Security
DPA, Bitslicing and Masking at 1 GHz
DPA, Bitslicing and Masking at 1 GHz
PUBLICATIONS DE L’INSTITUT MATHÉMATIQUE Nouvelle série, tome 93 (107) (2013), 109–115
PUBLICATIONS DE L’INSTITUT MATHÉMATIQUE Nouvelle série, tome 93 (107) (2013), 109–115
On 3-share Threshold Implementations for 4-bit S
On 3-share Threshold Implementations for 4-bit S
Block Ciphers that are Easier to Mask
Block Ciphers that are Easier to Mask
Download
advertisement