Remote Side-Channel Attack on AES
Author
René Gál
Year
2024
Type
Bachelor thesis
Supervisor
doc. Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
This thesis explored the replicability of a remote side-channel attack. Initially, an analysis was conducted on current FPGA on-chip power sensors and their approaches to executing remote side-channel attacks. Subsequently, the routing delay sensor was identified as a suitable candidate and deployed on the Digilent Basys 3 (Xilinx Artix-7) board. Using this sensor, measurements were carried out, enabling a successful remote power analysis side-channel attack on the last round of the AES-128 cipher, which was evaluated using correlation power analysis. Thus, the replicability of a remote attack aimed at obtaining a secret key in the presence of the routing delay sensor has been confirmed. Furthermore, all Python scripts used throughout were made openly available in the attachments.
Implementation of Paillier cryptosystem & fault-injection attack on CEC 1702 processor
Author
Lukáš Daněk
Year
2022
Type
Bachelor thesis
Supervisor
doc. Dr.-Ing. Martin Novotný
Reviewers
Ing. Jakub Klemsa
Department
Summary
The bachelor thesis focuses on working with the CEC1702 cryptoprocessor. The first part of the thesis is oriented towards programming the cryptoprocessor, modification of the existing implementation of the library for operating on large numbers, and implementation of the Paillier cryptosystem for the mentioned cryptoprocessor. The thesis also includes development of firmware that allows the use of the RSA-CRT encryption algorithm and the Paillier cryptosystem with variable key length. The second part of the thesis focuses on fault injection attacks on the RSA-CRT encryption algorithm. The power supply glitches and clock source glitches used are generated using the ChipWhisperer suite.
The attacks are first successfully performed on the STM32F3 microcontroller, where RSA-CRT is implemented using the library for operating on large numbers from the first part of the thesis. Using the knowledge from the attacks on the STM32F3, a further set of attacks was designed for the CEC1702 cryptoprocessor, using only power supply glitches, as the CEC1702 does not have the ability to use an external clock source. The attack was performed on two versions of RSA-CRT. The first version corresponds to the implementation for the STM32F3. The second version uses a hardware accelerator for cryptographic operations. The attack was successful on both versions of the implementation. This thesis outlines a possible approach to extend the created implementations and the implemented fault injection attacks. The created manual for programming the cryptoprocessor and the firmware documentation can be found in the appendix of the thesis.
Power Analysis of Cryptographic Processor CEC 1702
Author
Tereza Horníčková
Year
2022
Type
Bachelor thesis
Supervisor
doc. Dr.-Ing. Martin Novotný
Reviewers
Ing. Jakub Klemsa
Department
Summary
The goal of this work is to provide a development flow for the CEC1702 Cryptographic Microcontroller and to assess its robustness against Power Analysis side-channel attacks. The attacks mounted were Correlational Power Analysis and Higher-Order Power Analysis targeting the first round of encryption. After successfully attacking a firmware implementation of AES on another ARM controller -- STM32F3, several other -- also successful -- attacks were mounted on the corresponding implementation on CEC1702. Final attacks were mounted on the AES implementation using the hardware accelerator, where all failed. The platforms used for the attacks were the ChipWhisperer toolchain and the SICAK toolkit.
Versatile Hardware Framework for Elliptic Curve Cryptography
Author
Vít Mašek
Year
2022
Type
Bachelor thesis
Supervisor
doc. Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
This thesis proposes a versatile hardware framework for elliptic curve cryptography. The framework supports modular arithmetic with up to 256-bit general modulus and optimized arithmetic for the P-256, Ed25519, and Curve25519 curves, enabling easy implementation of various elliptic curve cryptography algorithms. Full elliptic curve and Edwards curve digital signature algorithms can be performed using this framework, as well as the X25519 algorithm for Diffie-Hellman key exchange. Such a framework finds its application area in the nowadays rapidly expanding field of hardware wallets or IoT devices. As the design is intended to be implemented in ASIC, it is designed to be area efficient. Individual hardware units are reused for several different calculations. The framework allows implementing several side-channel attack countermeasures, mainly masking techniques, even after the framework is designed.
Effect of signal-to-noise ratio on the success of a side channel attack
Author
Adam Rektořík
Year
2022
Type
Bachelor thesis
Supervisor
Ing. Petr Socha, Ph.D.
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
The PRESENT cipher encrypts and decrypts a text block. Correlation power analysis introduces a power consumption model to correlate against the real consumption during encryption. During encryption, undesired phenomena can be introduced that could decrease the correlation. Signal-to-noise ratio is the ratio of the signal to the undesired events. If the undesired phenomena increase, the signal-to-noise ratio will decrease. This work deliberately changes the power of the noise and establishes the relationship between signal-to-noise ratio and correlation power attack success rate.
Dummy and multiple rounds countermeasure of PRESENT cipher in FPGA
Author
Petr Moucha
Year
2020
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Stanislav Jeřábek
Department
Summary
This thesis focuses on securing block ciphers against side-channel attacks that can deduce the secret key from a device's power consumption. The multiple- and dummy-rounds countermeasure was tested because its effectiveness is yet to be proven. To verify previous results and find possible errors in the countermeasure design, I created a VHDL implementation of the PRESENT cipher secured by dummy rounds. This version underwent a series of tests that revealed a leakage at the beginning of the cryptographic operation. Further improvements led to progressively better but still unsatisfying results. The most prominent feature was the insertion of a random number of dummy clock cycles before the first valid operation. I also examined the influence of added dummy registers used as storage for outputs of dummy rounds. Furthermore, as part of my effort, I developed tools useful for future testing of the multiple- and dummy-rounds countermeasure.
Influence of fault-injection prevention of hardware implementation of AES on its resistance against power analysis attacks
Author
Martin Mašek
Year
2018
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
The bachelor thesis deals with the influence of prevention against fault-injection attacks on the AES cryptographic algorithm implemented on the Spartan 3E FPGA. It is investigated whether these fault detection circuits have any impact on resistance to differential power analysis attacks. In the course of the thesis, a hardware implementation of AES in VHDL was developed and a program for the DPA attack was written in the Matlab scripting language. Five additional variants were derived from the primary design, containing information redundancy for error detection during runtime. The number of power consumption patterns needed to successfully break the cipher and obtain the cipher key was found for each variant. The results did not reveal any greater impact on the feasibility of the attack.
Differential Power Analysis Attack on AES Implementation in Xilinx FPGA
Author
Ondřej Semrád
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
We explored the possibilities of application of Differential Power Analysis (DPA) on the implementation of the AES algorithm on the FPGA Spartan-3E by Xilinx. We created two different hardware implementations of the AES cipher in the VHDL language, a script implementing the DPA method in the Mathematica software and a wrapper implementing the communication between an AES module and a computer using a serial line. We inserted eight different versions of the AES cipher inside the wrapper - five versions with safety measures and three basic versions without any safety measures. We compared the resistance of the basic variant with the fault tolerant ones by computing the minimal number of power traces needed for breaking the correct key for each variant. We discovered that the safety measures (hardware redundancy, time redundancy and information redundancy) had minimal influence on the resistance against DPA.
Side channel attack on AES Implementation in Altera FPGA
Author
Jan Říha
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
The aim of this work is to compare the influence of Fault-Tolerance techniques on the differential power-analysis (DPA) resistance of the AES cipher implemented in an Altera FPGA. After attacking the simple variant, I attacked fault-tolerant variants of the cipher and compared the results with the simple variant. From the comparison it follows that the use of informational redundancy at the SubBytes operation, and spatial and time redundancy at both round and algorithm level, had minimal influence on resistance against DPA, as the number of power traces necessary to obtain the key had not changed significantly.
Side channel analysis of cryptographic algorithms implementations
Author
Lukáš Mazur
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
We explored the possibilities of Differential Power Analysis (DPA) on the Field Programmable Gate Array (FPGA). We have modified the application for measuring power consumption, created scripts for performing DPA, and created different implementations of the AES algorithm for FPGA. The developed scripts and applications for DPA were verified against an AES implementation for smart cards. Once those applications successfully broke the implementation for smart cards, we continued with the application of DPA against an AES implementation for an FPGA board. DPA against the FPGA was performed in six different configurations. Those configurations differed in the AES implementation for FPGA, in board configuration, in oscilloscope setup, and in the method of the attack. We found variants that could be successfully broken. We found out that the oscilloscope and measuring environment setups have a major impact on the feasibility of DPA on FPGA. The implementation is less important for the success of the attack. The most important aspect of the implementation was the clock frequency. We have also found out that using different power sources and removing capacitors on the FPGA board have a significant impact on the feasibility of DPA.
Side channel analysis of cryptographic algorithms implementations
Author
Jan Severyn
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
The thesis explores the applicability of a differential power analysis (DPA) attack against an FPGA implementation of AES. We created all necessary tools for DPA on FPGA, i.e. we created several variants of AES in FPGA, we developed scripts for differential power analysis and we modified the program controlling power measurements to cooperate with the FPGA kit. The DPA tools were verified on a SmartCard implementation of AES. The attack was successful in this case. DPA was then applied on seven various configurations of the AES implementation in FPGA. The configurations vary in VHDL code, modified schematic of the design kit and/or various power supplies. The attack was not successful in any of the above configurations. In the scope of this work we also propose future work in the exploration of DPA applicability on field programmable gate arrays.
Master theses
Security analysis of electronic control units for automobiles
Author
Matúš Olekšák
Year
2022
Type
Master thesis
Supervisor
Ing. Vojtěch Miškovský, Ph.D.
Reviewers
Ing. Petr Socha, Ph.D.
Department
Summary
This work deals with testing the security of control units for cars, more specifically, secure onboard communication via the CAN bus. A side-channel attack, flashing of modified firmware, and extraction of the bootloader over JTAG were attempted. The result is a successful attack with correlation power analysis on the SipHash algorithm. However, I failed to use it for a real control unit, because of the inability to find the computation in the measured data. The benefit of this work is the analysis of possible attacks on control units and a successful side-channel attack on SipHash.
FPGA Acceleration of the Baby Variant of the WTFHE Scheme
Author
Pavel Chytrý
Year
2021
Type
Master thesis
Supervisor
doc. Dr.-Ing. Martin Novotný
Reviewers
Ing. Jakub Klemsa
Department
Summary
With the rise of cloud compute services, the privacy of user's data is often put into question, as the service provider has full access to it. This is further exacerbated by facilities that hold private data, but lack the computational power to run their own research - namely hospitals.
Fully Homomorphic Encryption (FHE) could be a solution to this problem, as it can evaluate arbitrary functions over encrypted data without the need for decryption on the Cloud service provider's side. Since the breakthrough by Gentry et al. in 2009, this field has been very active, with Chillotti et al. recently introducing the scheme called TFHE.
The TFHE scheme has been shown to be suitable for securing Machine Learning as a Service (MLaaS). TFHE in its original form only works with a one-bit plaintext space; however, several improvements allow the usage of a multivalue plaintext space. This improved version was codenamed netWork-ready TFHE (WTFHE).
In general, (W)TFHE Schemes implemented in software are several orders of magnitude slower than the commonly used encryption schemes. This thesis serves as a case study to determine the feasibility of accelerating the WTFHE Scheme with an FPGA. Our contributions consist of designing an FPGA accelerator capable of simple Neural Network evaluation, measuring its performance compared to the software setup, discovering resource requirements, and the potential of scalability.
Side-channel analysis of Rainbow post-quantum signature
Author
David Pokorný
Year
2021
Type
Master thesis
Supervisor
Ing. Petr Socha
Reviewers
doc. Dr.-Ing. Martin Novotný
Department
Summary
Rainbow, a layered multivariate quadratic digital signature, is a candidate for standardization by the National Institute of Standards and Technology (NIST). In this paper, we present a CPA side-channel attack on the submitted 32-bit reference implementation. We evaluate the attack on an STM32F3 ARM microcontroller. After a successful attack, we propose countermeasures against side-channel attacks. Countermeasures are implemented and evaluated using leakage assessment.
Influence of Synthesis Parameters on Vulnerability to Side-Channel Attacks
Author
Tomáš Balihar
Year
2020
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Department
Summary
Every cryptographic design has to be secure to fulfil its function properly. As side-channel attacks are becoming easier and easier to perform, designers of secure circuits must pay attention to implementing various countermeasures against these attacks. However, in some cases, their hard work can be thwarted if automatic optimizations invalidate the defences. This thesis explores the effect of synthesis parameters settings on the vulnerability of the cryptographic designs implemented in FPGAs to side-channel attacks. It focuses on the implementation of AES with multiple countermeasures against attacks and evaluates the effect of parameters settings on security using Test Vector Leakage Assessment based on Welch's t-test.
Fast data-acquisition tools for side-channel analysis in FPGA
Author
Ondřej Semrád
Year
2020
Type
Master thesis
Supervisor
Ing. Vojtěch Miškovský, Ph.D.
Reviewers
Ing. Petr Socha
Department
Summary
To mount a power analysis attack on a cryptographic device, one has to acquire up to millions of power traces of the attacked device. The goal of this thesis is to create a toolkit which will make the power trace acquisition faster whilst supporting as many different cryptographic schemes as possible. The toolkit will focus on hardware implementations of cryptographic schemes in FPGA.
Implementation and Effectiveness Evaluation of the VeraGreg Scheme on a Low-Cost Microcontroller
Author
Jan Říha
Year
2019
Type
Master thesis
Supervisor
Ing. Jakub Klemsa
Reviewers
Dr.-Ing. Martin Novotný
Department
Summary
Homomorphic encryption is an effective way of securing data privacy while maintaining the possibility to process the data. The VeraGreg framework, unlike other existing homomorphic cryptosystems, allows for verification of computation that was done with the encrypted data.
This work deals with an implementation of the VeraGreg framework and its effectiveness comparison with a naïve scheme based on symmetric encryption. The secure microcontroller CE1302 was chosen as the implementation platform. A new library for multiprecision integer arithmetic was created, as well as the first published implementation of the Paillier cryptosystem using a hardware RSA accelerator.
The VeraGreg framework is 200 times slower compared to the naive scheme and occupies one third more space in the program memory, so it is not a suitable alternative to symmetric cryptosystems. On the other hand, it provides privacy to the user while allowing computations with the encrypted data, and verifying that it has not been manipulated during the computation.
Side-channel attack countermeasures based on dynamic reconfiguration of FPGA
Author
Jan Brejník
Year
2019
Type
Master thesis
Supervisor
Ing. Stanislav Jeřábek
Reviewers
Dr.-Ing. Martin Novotný
Department
Summary
Field Programmable Gate Arrays (FPGAs) have the ability of dynamic reconfiguration, which allows them to be reprogrammed at runtime by themselves. One computation can be implemented in different ways at different times. The actual way at a specific time is not known to an attacker, and therefore it is much more difficult to use side-channel leakage to gain sensitive information. This diploma thesis follows the paper [1], which describes the usage of three different countermeasures on the PRESENT encryption algorithm. In this thesis, all these countermeasures were applied to PRESENT, SERPENT and AES. The AES algorithm was implemented in two ways. The first way is based on the approach described in [1]. The second way uses a composite finite field to implement the S-Box and therefore needs fewer CFGLUTs.
Software toolkit for side-channel attacks
Author
Petr Socha
Year
2019
Type
Master thesis
Supervisor
Ing. Vojtěch Miškovský, Ph.D.
Reviewers
Dr.-Ing. Martin Novotný
Department
Summary
Side-channel cryptanalysis poses a serious threat to many modern cryptographic systems. A typical side-channel attack consists of an active phase, where data are acquired, and an analytical phase, where the data get examined and evaluated. A software toolkit is presented in this thesis, which includes support for cryptographic device control, oscilloscope data acquisition, data preprocessing, statistical analysis and evaluation of the attack. The toolkit is composed of non-interactive text-based utilities with a modular plug-in architecture, and it is released under an open-source licence.
Dissertation theses
Differential Power Analysis Countermeasures in Programmable Hardware
Author
Ing. Stanislav Jeřábek
Year
2024
Type
Dissertation thesis
Supervisor
doc. Ing. Jan Schmidt, Ph.D.
Reviewers
Dr. Vincent Grosso
doc. Ing. Zdeněk Martinásek, Ph.D.
Prof. Paris Kitsos, PhD.
Department