Lady bird
Jasper van Woudenberg profile image

Jasper van Woudenberg

CTO North America and Principal Security Analyst at Riscure

Talk Title

Flip a bit, grab a key: symbolic execution edition

Talk Abstract

Differential fault analysis (DFA) is the field of using corruption of a cipher execution to extract its secret/private key. It is often applied in hardware-based crypto systems, but it is also being actively used in extracting keys from whitebox / software cryptographic implementations.

However, such DFA attacks require manual analysis as a pre-processing step, a fixed guess at the fault model, and can be non-trivial to implement. Algebraic Fault Analysis (AFA) is a class of DFA which overcomes these difficulties by using a combination of algebraic cryptanalysis and DFA to retrieve the secret key. In this research, we present a methodology which decreases the complexity of performing AFA, by using a symbolic execution engine on a software implementation of the cipher.

Depending on fault conditions we show AES and DES keys can be extracted with as little as 2--5 faults, while having a low computational and design complexity. We perform a live demo of such key extraction.

Speaker Bio

Four authors:

Cees-Bart Breunesse, PhD
Principal Security Analyst at Riscure; specialist in both hardware and software security

Rajesh Velegalati, PhD
Security Analyst at Riscure; focus on hardware fault injection

Panasayya Yalla, PhD
Security Analyst at Riscure; focus on hardware fault injection

Jasper van Woudenberg, MSc
CTO North America and Principal Security Analyst at Riscure ; specialist in both hardware and software security


Lady bird

Subscribe with hardwear.io

Your subscription indicates that you have agreed the terms and conditions of hardwear.io Read our privacy policy

Loading...