Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces

Trautmann J, Beckers A, Wouters L, Gierlichs B, Wildermann S, Verbauwhede I, Teich J (2022)

Publication Language: English

Publication Type: Conference contribution, Conference Contribution

Publication year: 2022

Book Volume: TCHES 2022 Issue 1

Pages Range: 345–366

Conference Proceedings Title: IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)

Event location: Leuven, Belgium

DOI: 10.46586/tches.v2022.i1.345-366

Open Access Link: https://tches.iacr.org/index.php/TCHES/article/view/9300/8866

Abstract

Locating a cryptographic operation in a side channel trace, i.e. finding out where it is in the time domain, without having a template, can be a tedious task even for unprotected implementations. The sheer amount of data can be overwhelming. In a simple call to OpenSSL for AES-128 ECB encryption of a single data block, only 0.00028% of the trace relate to the actual AES-128 encryption. The rest is overhead.
We introduce the (to our best knowledge) first method to locate a cryptographic operation in a side channel trace in a largely automated fashion. The method exploits meta information about the cryptographic operation and requires an estimate of its implementation's execution time.
The method lends itself to parallelization and our implementation in a tool greatly benefits from GPU acceleration. The tool can be used offline for trace segmentation and for generating a template which can then be used online in real-time waveform-matching based triggering systems for trace acquisition or fault injection. We evaluate it in six scenarios involving hardware and software implementations of different cryptographic operations executed on diverse platforms. Two of these scenarios cover realistic protocol level use-cases and demonstrate the real-world applicability of our tool in scenarios where classical leakage-detection techniques would not work. The results highlight the usefulness of the tool because it reliably and efficiently automates the task and therefore frees up time of the analyst.
The method does not work on traces of implementations protected by effective time randomization countermeasures, e.g., random delays and unstable clock frequency, but is not affected by masking, shuffling and similar countermeasures.

Authors with CRIS profile

Jens Trautmann Graduiertenkolleg 2475 Cyberkriminalität und Forensische Informatik Stefan Wildermann Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design) Jürgen Teich Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design)

Related research project(s)

Cybercrime and Forensic Computing -- Hardware Security (GRK 2475) GRK2475: Cyberkriminalität und Forensische Informatik Oct. 1, 2019 - Oct. 1, 2028 Cyberkriminalität und forensische Informatik (Cybercrime) Oct. 1, 2019 - March 31, 2024

Involved external institutions

Katholieke Universiteit Leuven (KUL) / Catholic University of Leuven BE Belgium (BE)

How to cite

APA:

Trautmann, J., Beckers, A., Wouters, L., Gierlichs, B., Wildermann, S., Verbauwhede, I., & Teich, J. (2022). Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces. In IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) (pp. 345–366). Leuven, Belgium.

MLA:

Trautmann, Jens, et al. "Semi-Automatic Locating of Cryptographic Operations in Side-Channel Traces." Proceedings of the CHES 2022, Leuven, Belgium 2022. 345–366.

BibTeX: Download