- Webinar |
- Netherlands 2024 |
- USA 2024 |
- Netherlands 2023 |
- USA 2023 |
- Netherlands 2022 |
- USA 2022 |
- Netherlands 2021 |
- USA 2021 |
- Germany 2021 |
- Berlin 2021 |
- Netherlands 2020 |
- Virtual Con 2020 |
- Berlin 2020 |
- Netherlands 2019 |
- USA 2019 |
- Berlin 2019 |
- Netherlands 2018 |
- Berlin 2018 |
- Netherlands 2017 |
- Netherlands 2016 |
- Netherlands 2015
Jasper van Woudenberg
CTO North America and Principal Security Analyst at Riscure
Talk Title
Flip a bit, grab a key: symbolic execution edition
Talk Abstract
Differential fault analysis (DFA) is the field of using corruption of a cipher execution to extract its secret/private key. It is often applied in hardware-based crypto systems, but it is also being actively used in extracting keys from whitebox / software cryptographic implementations.
However, such DFA attacks require manual analysis as a pre-processing step, a fixed guess at the fault model, and can be non-trivial to implement. Algebraic Fault Analysis (AFA) is a class of DFA which overcomes these difficulties by using a combination of algebraic cryptanalysis and DFA to retrieve the secret key. In this research, we present a methodology which decreases the complexity of performing AFA, by using a symbolic execution engine on a software implementation of the cipher.
Depending on fault conditions we show AES and DES keys can be extracted with as little as 2--5 faults, while having a low computational and design complexity. We perform a live demo of such key extraction.
Speaker Bio
Four authors:
Cees-Bart Breunesse, PhD
Principal Security Analyst at Riscure; specialist in both hardware and software security
Rajesh Velegalati, PhD
Security Analyst at Riscure; focus on hardware fault injection
Panasayya Yalla, PhD
Security Analyst at Riscure; focus on hardware fault injection
Jasper van Woudenberg, MSc
CTO North America and Principal Security Analyst at Riscure ; specialist in both hardware and software security