As of August 2020 the site you are on (wiki.newae.com) is deprecated, and content is now at rtfm.newae.com.

Difference between revisions of "Investigating Block Cipher Modes with DPA"

From ChipWhisperer Wiki
Jump to: navigation, search
(Block Cipher Modes)
Line 19: Line 19:
 
[[File:Block-Cipher-OFB.png]]
 
[[File:Block-Cipher-OFB.png]]
  
'''Counter (CTR):''' An incrementing counter repeatedly encrypted to produce a sequence of blocks, which are XORed with the plaintexts to produce the ciphertexts:
+
'''Counter (CTR):''' An incrementing counter is encrypted to produce a sequence of blocks, which are XORed with the plaintexts to produce the ciphertexts:
  
 
[[File:Block-Cipher-CTR.png]]
 
[[File:Block-Cipher-CTR.png]]
  
 
All four of these modes share the same quality: if the same plaintext block is encrypted multiple times, the result will be different every time. The goal of this attack is to take a target that's using one of these five cipher modes and determine which mode is being used.
 
All four of these modes share the same quality: if the same plaintext block is encrypted multiple times, the result will be different every time. The goal of this attack is to take a target that's using one of these five cipher modes and determine which mode is being used.
 +
 +
 +
= Firmware =
 +
To perform this attack, the SimpleSerial AES XMEGA firmware was modified to allow the target to use all five of these block cipher modes. The <code>encrypt()</code> function takes a new plaintext and produces the next ciphertext:
 +
 +
<pre>
 +
void encrypt(uint8_t* pt)
 +
{
 +
static uint8_t input[16];
 +
static uint8_t output[16];
 +
 +
// Find input
 +
switch(BLOCK_MODE)
 +
{
 +
case ECB:
 +
for(int i = 0; i < 16; i++)
 +
input[i] = pt[i];
 +
break;
 +
 +
case CBC:
 +
for(int i = 0; i < 16; i++)
 +
input[i] = pt[i] ^ ct[i];
 +
break;
 +
 +
case CFB:
 +
for(int i = 0; i < 16; i++)
 +
input[i] = ct[i];
 +
break;
 +
 +
case OFB:
 +
for(int i = 0; i < 16; i++)
 +
input[i] = output[i];
 +
break;
 +
 +
case CTR:
 +
input[0]++;
 +
break;
 +
}
 +
 +
// Encrypt in place
 +
for(int i = 0; i < 16; i++)
 +
output[i] = input[i];
 +
aes_indep_enc(output);
 +
 +
// Use output to calculate new ciphertext
 +
switch(BLOCK_MODE)
 +
{
 +
case ECB:
 +
case CBC:
 +
for(int i = 0; i < 16; i++)
 +
ct[i] = output[i];
 +
break;
 +
 +
case CFB:
 +
case OFB:
 +
case CTR:
 +
for(int i = 0; i < 16; i++)
 +
ct[i] = output[i] ^ pt[i];
 +
break;
 +
}
 +
}
 +
</pre>
 +
 +
Check that all five of these modes match the diagrams above.
 +
 +
This code was compiled five times with five different values of <code>BLOCK_MODE</code>, producing five hex files (one for ECB encryption, one for CBC, etc). All of this code is in the ChipWhisperer repository under <code>chipwhisperer\hardware\victims\firmware\simpleserial-aes-modes\</code>.

Revision as of 07:08, 25 August 2016

Block Cipher Modes

In the real world, it's a bad idea to encrypt data directly using block ciphers like AES. The goal of encryption is to produce ciphertexts that look pseudo-random: there should be no visible patterns in the output. Using a block cipher directly, encrypting the same plaintext multiple times will always result in the same ciphertext, so any patterns in the input will also appear in the output. This encryption method is called the Electronic Code Book (ECB) block cipher mode.

Block-Cipher-ECB.png

To get around the weaknesses of ECB mode, there are alternative encryption methods that reuse the basic block ciphers and their core. A number of these are described on Wikipedia. On top of ECB mode, there are 4 more block cipher modes that this attack will consider.

Cipher Block Chaining (CBC): The plaintext is XORed with the previous ciphertext before being encrypted. There is no ciphertext before the first plaintext, so a randomly chosen initialization vector (IV) is used instead:

Block-Cipher-CBC.png

Cipher Feedback (CFB): The previous ciphertext is used as the input for the cipher. Then, the plaintext is XORed with the result to get the new ciphertext. Again, an IV is used to replace the missing ciphertext:

Block-Cipher-CFB.png

Output Feedback (OFB): An IV is repeatedly encrypted to produce a pseudo-random sequence of blocks. Then, these encryption results are XORed with the plaintexts to produce the ciphertexts:

Block-Cipher-OFB.png

Counter (CTR): An incrementing counter is encrypted to produce a sequence of blocks, which are XORed with the plaintexts to produce the ciphertexts:

Block-Cipher-CTR.png

All four of these modes share the same quality: if the same plaintext block is encrypted multiple times, the result will be different every time. The goal of this attack is to take a target that's using one of these five cipher modes and determine which mode is being used.


Firmware

To perform this attack, the SimpleSerial AES XMEGA firmware was modified to allow the target to use all five of these block cipher modes. The encrypt() function takes a new plaintext and produces the next ciphertext:

void encrypt(uint8_t* pt)
{
	static uint8_t input[16];
	static uint8_t output[16];
	
	// Find input 
	switch(BLOCK_MODE)
	{
		case ECB:
			for(int i = 0; i < 16; i++)
				input[i] = pt[i];
			break;
			
		case CBC:
			for(int i = 0; i < 16; i++)
				input[i] = pt[i] ^ ct[i];
			break;
			
		case CFB:
			for(int i = 0; i < 16; i++)
				input[i] = ct[i];
			break;
			
		case OFB:
			for(int i = 0; i < 16; i++)
				input[i] = output[i];
			break;
			
		case CTR:
			input[0]++;
			break;
	}
	
	// Encrypt in place
	for(int i = 0; i < 16; i++)
		output[i] = input[i];
	aes_indep_enc(output);
	
	// Use output to calculate new ciphertext
	switch(BLOCK_MODE)
	{
		case ECB:
		case CBC:
			for(int i = 0; i < 16; i++)
				ct[i] = output[i];
			break;
			
		case CFB:
		case OFB:
		case CTR:
			for(int i = 0; i < 16; i++)
				ct[i] = output[i] ^ pt[i];
			break;
	}
}

Check that all five of these modes match the diagrams above.

This code was compiled five times with five different values of BLOCK_MODE, producing five hex files (one for ECB encryption, one for CBC, etc). All of this code is in the ChipWhisperer repository under chipwhisperer\hardware\victims\firmware\simpleserial-aes-modes\.