
A Pre-processing Composition for Secret Key Recovery on Android Smartphone

IFIP International Workshop on Information Security Theory and Practice. WISTP 2014: Information Security Theory and Practice. Securing the Internet of Things, pp 76-91

Yuto Nakano (1), Youssef Souissi (2), Robert Nguyen (2), Laurent Sauvage (2), Jean-Luc Danger (2), Sylvain Guilley (2), Shinsaku Kiyomoto (1), Yutaka Miyake (1)

1. KDDI R&D Laboratories Inc., Fujimino, Japan
2. Secure-IC S.A.S., Paris, France

Conference paper. Part of the Lecture Notes in Computer Science book series (LNCS, volume 8501)

Abstract

Simple Side-Channel Analyses (SSCA) are known as techniques to uncover a cryptographic secret from one single spied waveform. Up to now, these very powerful attacks have been illustrated on simple devices whose leakage was obvious. On more advanced targets, such as high-end processors of smartphones, a simple visual analysis of the waveforms might not be sufficient to read the secret at once. In this paper, we detail and explain how a composition of time-frequency pre-processings manages to extract the relevant information from one signal capture of an asymmetric cryptographic operation (RSA and ECC) running on an Android system. The lesson is that side-channel countermeasures must be applied even on advanced platforms such as smartphones to prevent secret information theft through the electromagnetic (EM) waveforms.

Keywords: Simple Side-channel Attack, Time-frequency Pre-processing, Asymmetric Cryptography, RSA, ECC, Android smartphone


Copyright information © IFIP International Federation for Information Processing 2014

About this paper

Cite this paper as: Nakano Y. et al. (2014) A Pre-processing Composition for Secret Key Recovery on Android Smartphone. In: Naccache D., Sauveron D. (eds) Information Security Theory and Practice. Securing the Internet of Things. WISTP 2014. Lecture Notes in Computer Science, vol 8501. Springer, Berlin, Heidelberg

DOI (Digital Object Identifier): https://doi.org/10.1007/978-3-662-43826-8_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-43825-1
Online ISBN: 978-3-662-43826-8
eBook Packages: Computer Science
