Investigating the effects various compilers have on the electromagnetic signature of a cryptographic executable
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430207 , vital:72673 , https://doi.org/10.1145/3129416.3129436
- Description: This research investigates changes in the electromagnetic (EM) signatures of a cryptographic binary executable based on compile-time parameters to the GNU and clang compilers. The source code was compiled and executed on a Raspberry Pi 2, which utilizes the ARMv7 CPU. Various optimization flags are enabled at compile-time and the output of the binary executable's EM signatures are captured at run-time. It is demonstrated that GNU and clang compilers produced different EM signature on program execution. The results indicated while utilizing the O3 optimization flag, the EM signature of the program changes. Additionally, the g++ compiler demonstrated fewer instructions were required to run the executable; this related to fewer EM emissions leaked. The EM data from the various compilers under different optimization levels was used as input data for a correlation power analysis attack. The results indicated that partial AES-128 encryption keys was possible. In addition, the fewest subkeys recovered was when the clang compiler was used with level O2 optimization. Finally, the research was able to recover 15 of 16 AES-128 cryptographic algorithm's subkeys, from the the Pi.
- Full Text:
- Date Issued: 2017
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430207 , vital:72673 , https://doi.org/10.1145/3129416.3129436
- Description: This research investigates changes in the electromagnetic (EM) signatures of a cryptographic binary executable based on compile-time parameters to the GNU and clang compilers. The source code was compiled and executed on a Raspberry Pi 2, which utilizes the ARMv7 CPU. Various optimization flags are enabled at compile-time and the output of the binary executable's EM signatures are captured at run-time. It is demonstrated that GNU and clang compilers produced different EM signature on program execution. The results indicated while utilizing the O3 optimization flag, the EM signature of the program changes. Additionally, the g++ compiler demonstrated fewer instructions were required to run the executable; this related to fewer EM emissions leaked. The EM data from the various compilers under different optimization levels was used as input data for a correlation power analysis attack. The results indicated that partial AES-128 encryption keys was possible. In addition, the fewest subkeys recovered was when the clang compiler was used with level O2 optimization. Finally, the research was able to recover 15 of 16 AES-128 cryptographic algorithm's subkeys, from the the Pi.
- Full Text:
- Date Issued: 2017
Investigating the electromagnetic side channel leakage from a raspberry pi
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429548 , vital:72621 , https://ieeexplore.ieee.org/abstract/document/8251771
- Description: This research investigates the Electromagnetic (EM) side channel leakage of a Raspberry Pi 2 B+. An evaluation is performed on the EM leakage as the device executes the AES-128 cryptographic algorithm contained in the Crypto++ library in a threaded environment. Four multi-threaded implementations are evaluated. These implementations are Portable Operating System Interface Threads, C++11 threads, Threading Building Blocks, and OpenMP threads. It is demonstrated that the various thread techniques have distinct variations in frequency and shape as EM emanations is leaked from the Raspberry Pi. Additionally, noise is introduced while the cryptographic algorithm executes. The results indicates that tt is still possible to visibly see the execution of the cryptographic algorithm. However, out of 50 occasions the cryptographic execution was not detected 32 times. It was further identified when calculating prime numbers, the cryptographic algorithm becomes hidden. Furthermore, the analysis pointed in the direction that when high prime numbers are calculated there is a window where the cryptographic algorithm can not be seen visibly in the EM spectrum.
- Full Text:
- Date Issued: 2017
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429548 , vital:72621 , https://ieeexplore.ieee.org/abstract/document/8251771
- Description: This research investigates the Electromagnetic (EM) side channel leakage of a Raspberry Pi 2 B+. An evaluation is performed on the EM leakage as the device executes the AES-128 cryptographic algorithm contained in the Crypto++ library in a threaded environment. Four multi-threaded implementations are evaluated. These implementations are Portable Operating System Interface Threads, C++11 threads, Threading Building Blocks, and OpenMP threads. It is demonstrated that the various thread techniques have distinct variations in frequency and shape as EM emanations is leaked from the Raspberry Pi. Additionally, noise is introduced while the cryptographic algorithm executes. The results indicates that tt is still possible to visibly see the execution of the cryptographic algorithm. However, out of 50 occasions the cryptographic execution was not detected 32 times. It was further identified when calculating prime numbers, the cryptographic algorithm becomes hidden. Furthermore, the analysis pointed in the direction that when high prime numbers are calculated there is a window where the cryptographic algorithm can not be seen visibly in the EM spectrum.
- Full Text:
- Date Issued: 2017
Investigating the utilization of the secure hash algorithm to generate electromagnetic noise
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430222 , vital:72674 , https://doi.org/10.1145/3163080.3163089
- Description: This research introduces an electromagnetic (EM) noise generator known as the FRIES noise generator to mitigate and obfuscate Side Channel Analysis (SCA) attacks against a Raspberry Pi. The FRIES noise generator utilizes the implementation of the Secure Hash Algorithm (SHA) from OpenSSL to generate white noise within the EM spectrum. This research further contributes to the body of knowledge by demonstrating that the SHA implementation of libcrypto++ and OpenSSL had different EM signatures. It was further revealed that as a more secure implementation of the SHA was executed additional data lines were used, resulting in increased EM emissions. It was demonstrated that the OpenSSL implementations of the SHA was more optimized as opposed to the libcrypto++ implementation by utilizing less resources and not leaving the device in a bottleneck. The FRIES daemon added noise to the EM leakage which prevents the visual location of the AES-128 cryptographic implementation. Finally, the cross-correlation test demonstrated that the EM features of the AES-128 algorithm was not detected within the FRIES noise.
- Full Text:
- Date Issued: 2017
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430222 , vital:72674 , https://doi.org/10.1145/3163080.3163089
- Description: This research introduces an electromagnetic (EM) noise generator known as the FRIES noise generator to mitigate and obfuscate Side Channel Analysis (SCA) attacks against a Raspberry Pi. The FRIES noise generator utilizes the implementation of the Secure Hash Algorithm (SHA) from OpenSSL to generate white noise within the EM spectrum. This research further contributes to the body of knowledge by demonstrating that the SHA implementation of libcrypto++ and OpenSSL had different EM signatures. It was further revealed that as a more secure implementation of the SHA was executed additional data lines were used, resulting in increased EM emissions. It was demonstrated that the OpenSSL implementations of the SHA was more optimized as opposed to the libcrypto++ implementation by utilizing less resources and not leaving the device in a bottleneck. The FRIES daemon added noise to the EM leakage which prevents the visual location of the AES-128 cryptographic implementation. Finally, the cross-correlation test demonstrated that the EM features of the AES-128 algorithm was not detected within the FRIES noise.
- Full Text:
- Date Issued: 2017
Recovering AES-128 encryption keys from a Raspberry Pi
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/427740 , vital:72459 , https://www.researchgate.net/profile/Ibraheem-Frieslaar/publication/320102039_Recovering_AES-128_Encryption_Keys_from_a_Raspberry_Pi/links/59ce34f1aca272b0ec1a4d96/Recovering-AES-128-Encryption-Keys-from-a-Raspberry-Pi.pdf
- Description: This research is the first of its kind to perform a successful side channel analysis attack on a symmetric encryption algorithm executing on a Raspberry Pi. It is demonstrated that the AES-128 encryption algorithm of the Crypto++ library is vulnerable against the Correlation Power Analysis (CPA) attack. Furthermore, digital processing techniques such as dynamic time warping and filtering are used to recovery the full encryption key. In Addition, it is illustrated that the area above and around the CPU of the Raspberry Pi leaks out critical and secret information.
- Full Text:
- Date Issued: 2017
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2017
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/427740 , vital:72459 , https://www.researchgate.net/profile/Ibraheem-Frieslaar/publication/320102039_Recovering_AES-128_Encryption_Keys_from_a_Raspberry_Pi/links/59ce34f1aca272b0ec1a4d96/Recovering-AES-128-Encryption-Keys-from-a-Raspberry-Pi.pdf
- Description: This research is the first of its kind to perform a successful side channel analysis attack on a symmetric encryption algorithm executing on a Raspberry Pi. It is demonstrated that the AES-128 encryption algorithm of the Crypto++ library is vulnerable against the Correlation Power Analysis (CPA) attack. Furthermore, digital processing techniques such as dynamic time warping and filtering are used to recovery the full encryption key. In Addition, it is illustrated that the area above and around the CPU of the Raspberry Pi leaks out critical and secret information.
- Full Text:
- Date Issued: 2017
- «
- ‹
- 1
- ›
- »