Whip the Whisperer: Simulating Side Channel Leakage

Presented at Black Hat USA 2022, Aug. 11, 2022, 10:20 a.m. (40 minutes).

Cryptographic side channels are well-understood from a mathematical perspective, and many countermeasures exist that reduce leakage. Yet, there are many implementations in the field that leak. This is caused by a combination of lack of security experts, the fact that upon implementation countermeasures can become leaky, and the absence of good pre-silicon side channel analysis tools.

In this presentation, we show how common hardware design tools can be used to perform pre-silicon power simulations, and how that can be used to detect leaky implementations. We show a case study of how countermeasure implementations that look fine in source are actually leaky, and how simulation can help pinpoint individual leaky elements, both in software and hardware. There are surprising results where non-related software instructions leak, caused by microarchitectural interactions in the CPU pipeline. Armed with all this knowledge, those issues can be fixed.

This talk is interesting for hardware and software designers to see how tools can be used to pinpoint leakage down to the gate or code level, and for researchers in finding new side channels due to processor design.


Presenters:

  • Jasper van Woudenberg - CTO, Riscure
    Jasper van Woudenberg (@jzvw) currently is CTO for Riscure North America and half of the authors of the "Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks". He works with Riscure's San Francisco based team to improve embedded device security through innovation. As CTO of Riscure North America, Jasper is principal security analyst and is ultimately responsible for Riscure North America's technical and innovation activities. Jasper's interest in security matters was first sparked in his mid-teens by reverse engineering software. During his studies for a master's degree in both CS and AI, he worked for a penetration testing firm, where he performed source code review, binary reverse engineering and tested application and network security. At Riscure, Jasper's expertise has grown to include various aspects of hardware security; from design review and logical testing, to side channel analysis and perturbation attacks. He leads Riscure North America's pentesting teams and has a special interest in combining AI with security research. Jasper's eagerness to share knowledge is reflected by regular speaking appearances, specialized client training sessions, student supervision and academic publications. Jasper has spoken at many security conferences including Black Hat briefings and Trainings, Intel Security Conference, RWC, RSA, EDSC, BSides SF, Shakacon, ICMC, Infiltrate, has presented scientific research at SAC, WISSEC, CT-RSA, FDTC, ESC Design {West,East}, ARM TechCon, has reviewed papers for CHES and JC(rypto)EN, and has given invited talks at Stanford, NPS, GMU and the University of Amsterdam. Specialties include embedded security, side channel analysis, fault injection, binary code analysis, security evaluations of {mobile phones, smart cards, set-top-boxes}, network penetration testing, and code reviews.

Links:

Similar Presentations: