So attacks. How can I attack things? All right. Some of these things here are geared more towards what governments are going to be able to afford to do, but a lot of this stuff's also made available for chip companies so that they can rework parts.
All right, eBeam, electron beam: you can read out individual storage elements. That includes keys, whatever critical information you have on there.
Focused ion beam, this actually allows me to cut wires and draw new wires on chips in the latest technology. Now, there's only so many changes you can do before you're going to mess something up. So, some of the, you guys familiar with field-programmable gate arrays, FPGAs? One of the companies, their security logic, they designed it so that to bypass it, you have to do seven FIB changes. They only tested it, so they only guarantee it to three, and that's because the testing of it becomes astronomically hard. So, whole idea there is, if you don't do three of them perfectly, you destroyed the part, okay? Things I can do, is I can cut the wire that says, "Is everything okay securely?" I can tie it to power to say, "It's always okay."
Light leakage. These circuits, all our circuits, actually leak a small amount of light, and you can put film on there that's sensitive to light. Now, it takes some time, so if something's changing quickly you aren't going to be able to pick it up. But you can actually read it, so things like root keys, if you read those out of like a one-time programmable or something like that, store them in a local register or on chip memory, things like that. Many times, you can read them.
So, fault injection, and this is a whole study area by itself. What can I do to get it to fail? I can glitch the power, I can drop the power so that it doesn't make timing. Based on which bit, for example with the AES algorithm, doesn't make timing, I can actually start pulling apart what the key is. All right. So, fault injection in the software domain is penetration testing.
Are you familiar with that? It's the same thing, I'm going to throw crap at this thing and see what happens and everything eventually will break down. You hope it's going to lock up, but you don't know that unless you've actually tested it. You can't test everything because it takes an infinite amount of time. Do your due diligence, okay? We're basically looking for it to misbehave, whether it's hardware fault, whether it's software fault, through different interfaces, Bluetooth, everyone likes their Wi-Fi. Okay? If you have Bluetooth in here. If I had a device in here, Bluetooth, with it on, everyone here could be hacking it or attempting to hack it while I'm giving this presentation. If it's wired only, it's a little more difficult.
So, side-channel, power usage, time, EM radiation, electromagnetic radiation, it's related to the power usage. This has been a huge area in the last few years, almost every device out there, either has addressed it or they don't care, and addressing it is not simple. So, the whole idea here is, I'm going to monitor the power over a whole bunch of data. I'm going to tell you to decrypt, let's say 100 megabytes or whatever. So, we're going to run the engine a whole bunch of times. I'm going to measure the power usage on every single time we use it, and I'm going to start looking for correlations based on the input bits, to the power usage, and I only have to do this eight bits at a time because the AES algorithm is based on that eight-bit S-box. If I can find a correlation, that allows me to start attacking the key eight bits at a time.
What's AES? Do you want to explain what an S-box is, and/or you're free to make a drawing over there?
Basically, an S-box is a non-linear function. So, the whole idea is that your input, it's obviously fixed but your output is somewhat randomly generated, so it's not a direct correlation like you get through a lot like an XOR operation, it's pretty much a direct correlation.
So, an S-box and like I said, at AES you got eight input pins for data coming in for sub-portion of your ciphertexts, they are what you're generating and you've got eight bits coming out. The DES algorithm which was before AES, that actually had six input bits and four output bits. So basically, it's a one-to-one mapping but it's a nonlinear mapping.
Remember, I told you on side-channel attacks? One of the things you can do is timing. All right. So, for RSA operations basically you're doing squaring operations and a conditional multiply. Well, squaring RSA operation is faster than a multiply operation. Therefore, literally you can look at the power usage and you'll see these spikes, and you could literally read the bits right off of there, based on knowing if it's a square or the conditional multiply. You always do the square, okay? So, you're talking 4,000 bit numbers to 2,000 a minimum for the exponent. Nowadays, most people are pushing for three or four K. So, basically, you're looking at the difference between these two operations. This is conditional, otherwise we just squared each time, okay? One of the things you can do to fix it, never use squaring operations. Makes it slower, most people don't like that and long time ago, we used to think that this is the ideal fix. It's not. I can't tell from time but I can tell based on power usage. A times A has a different power profile than A times B.
Paper I, trying to remember, about four years ago. Paper that was presented at the CHES conference, Cryptographic Hardware and Embedded Systems, they were doing an elliptic curve algorithm, so whether they were doing a double or a point double or a point addition, it actually ran through the same code and you still got the efficiency of their performance. Everything looked great until they started looking at the power. It was something as simple as in one path, they loaded the register with the zero value.
That was enough for them to detect whether they're doing the point addition or point double. Now, elliptic curve, the point double is similar to the square operation and the point addition is similar to the multiply with RSA. It's probably the easiest way to consider it.
So, until you test it. I've been at a company where they said, "Well, we added some logic to the AES block to make it a little bit resistant against side-channel." I looked at stuff and I said, "Well, that is all dependent on your input bits. You might have made it worse." "No, no, we couldn't have made it worse." I said, "Have you tested it?" It's easy to claim this stuff but if you haven't tested it, you have no clue what you did because a lot of this stuff is actually very counterintuitive. You think you got it and you don't. There's companies that this is all they do, is rip the stuff apart and help you figure out how to do it better.
Any other questions or any,
Back up again. Is that A times A has a different power profile than A times B, and I had to think on that for a second but it's because the value is the same. Yeah. It's just that tiny little bit, Yeah. Of difference, they're able to detect the minuscule power delta. Yeah. Therefore, can distinguish between A times A versus A times, Yeah. Pretty amazing. Yeah. I take it, the answer to the question was, "Did you test it?" The answer was no. Yeah, they hadn't tested it. They hadn't tested it. Yeah. They just thought it was good enough? Yeah, yeah, yeah.