Attacking OpenSSL using Side-channel Attacks: The RSA case study

Presented at Still Hacking Anyway (SHA2017), Aug. 4, 2017, 5:40 p.m. (75 minutes)

Side channel attacks (SCA) gained attention in the past years. New low cost tools like Chip-Whisperer proved that these attacks are not any more a theoretical, academic risk but a real threat to the security of the embedded systems. Many cryptographic products are now being developed having this attacks in mind and countermeasures are being implemented. This is the case of the omnipresent OpenSSL, which implement protections against side channel attacks to prevent the extraction of the secret key. In our presentation, we will briefly introduce SCA to the audience and discuss later the countermeasures implemented in the OpenSSL RSA and our attack that allows us to bypass them. #NetworkSecurity

Presenters:

• Lukasz Chmielewski
  An security analyst working in the field of computer security. Specialties: side channel analysis, fault injection, and public key cryptography, especially ECC.
• Praveen Vadnala
  

Links:

• https://program.sha2017.org/events/169.html

Similar Presentations:

• Black Hat Asia 2017 / Breaking Korea Transit Card with Side-Channel Attack - Unauthorized Recharging
• ToorCon San Diego 16 (2014) / Time Trial: Racing Towards Practical Timing Attacks
• 30C3 (2013) / Extracting keys from FPGAs, OTP Tokens and Door Locks: Side-Channel (and other) Attacks in Practice