    Making Crypto Libraries Robust Against Physical Side-channel Attacks

    ALAM-DISSERTATION-2019.pdf (3.914Mb)
    Date
    2019-10-30
    Author
    Alam, Md Monjur
    Abstract
    The connection between theoretical and applied cryptography is often not well established because of the difficulty of translating theoretical security proofs into real-world software and hardware implementations. Physical side-channel cryptanalysis is a very effective approach to breaking a secure cryptographic system. Most side-channel attacks on cryptographic primitives and implementations rely on secret-dependent differences in control flow or memory access patterns. As a countermeasure, the cryptographic community has established the notion of constant-time program code, which avoids secret-dependent control flow and data access patterns. This thesis details a set of new techniques to exploit widely used open-source software implementations of cryptographic primitives. First, we present One&Done, a side-channel attack based on the analysis of signals that correspond to the brief computation activity which computes the value of each window during exponentiation, i.e. the activity between large-integer multiplications. Because the attack is message-independent, it is completely immune to existing countermeasures that focus on thwarting chosen-ciphertext attacks and/or square/multiply sequence analysis. Second, we present Nonce@Once, the first side-channel attack that recovers the secret scalar from the electromagnetic signal of a single signing operation in current versions of Libgcrypt and OpenSSL. Our attack uses the signal differences created by systematic differences in operand values during the conditional swap operation itself to recover each bit of the secret. We also propose a mitigation that randomizes the exclusive-or mask in the conditional swap operation, which is effective in preventing this and similar attacks. Next, we present a physical side-channel attack on a DSA implementation that uses constant-time fixed-window (m-ary) modular exponentiation. We demonstrate different implementation aspects and their effect as countermeasures, which underline the importance of rethinking the design and implementation of PKC in general. Lastly, we present security issues in OpenSSL's NAF-based ECDSA implementation.
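The abstract's conditional-swap mitigation, shown below as an added example that is not code from the dissertation, Libgcrypt or OpenSSL. The first function is the textbook constant-time swap, whose XOR operand is either zero or a^b depending on the secret bit; the second splits the mask into two shares using a random word, so that every intermediate operand depends on the random value rather than only on the bit. The share-splitting construction, the limb count, the sample operands and the fixed "random" words are all assumptions made for this example; the dissertation's exact construction is not on this page, and a real implementation would draw the random words from a CSPRNG.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Number of 64-bit limbs per operand (constructed size for the example). */
#define LIMBS 4

/* Textbook constant-time conditional swap: swaps a and b iff bit == 1.
 * Control flow and memory accesses are independent of bit, but the XOR
 * operand t is exactly 0 when bit == 0 and a^b when bit == 1: a
 * systematic difference in operand values that a physical side channel
 * can observe, which is what the abstract describes. */
void cswap_plain(uint64_t a[LIMBS], uint64_t b[LIMBS], uint64_t bit)
{
    uint64_t mask = 0 - (bit & 1);          /* 0x00..00 or 0xFF..FF */
    for (size_t i = 0; i < LIMBS; i++) {
        uint64_t t = mask & (a[i] ^ b[i]);
        a[i] ^= t;
        b[i] ^= t;
    }
}

/* Conditional swap with a randomized mask (assumed construction).
 * A random word r splits the mask into the shares (mask ^ r) and r.
 * Because AND distributes over XOR, (x & (mask ^ r)) ^ (x & r) == x & mask,
 * so the swap result is unchanged, but t1 and t2 now vary with r for
 * both values of bit. The shares are read through a volatile pointer so
 * the compiler cannot prove them equal and fold the two ANDs back into
 * the single secret-dependent one. */
void cswap_randomized(uint64_t a[LIMBS], uint64_t b[LIMBS], uint64_t bit,
                      const uint64_t r[LIMBS])
{
    uint64_t mask = 0 - (bit & 1);
    const volatile uint64_t *rv = r;
    for (size_t i = 0; i < LIMBS; i++) {
        uint64_t x  = a[i] ^ b[i];
        uint64_t m1 = mask ^ rv[i];          /* first share of the mask */
        uint64_t m2 = rv[i];                 /* second share of the mask */
        uint64_t t1 = x & m1;
        uint64_t t2 = x & m2;
        a[i] ^= t1; a[i] ^= t2;              /* a ^= x & mask */
        b[i] ^= t1; b[i] ^= t2;              /* b ^= x & mask */
    }
}

/* Self-check on constructed values: both variants must produce the same
 * result as an unconditional swap for bit == 1 and leave the operands
 * untouched for bit == 0. Returns 1 on success, 0 on mismatch. */
int cswap_selfcheck(void)
{
    const uint64_t a0[LIMBS] = {0x0123456789abcdefULL, 0x1111, 0x2222, 0x3333};
    const uint64_t b0[LIMBS] = {0xfedcba9876543210ULL, 0x4444, 0x5555, 0x6666};
    /* Constructed stand-in for CSPRNG output. */
    const uint64_t r[LIMBS]  = {0xdeadbeefcafef00dULL, 0x8badf00dULL, 1,
                                0xffffffffffffffffULL};
    for (uint64_t bit = 0; bit <= 1; bit++) {
        uint64_t a1[LIMBS], b1[LIMBS], a2[LIMBS], b2[LIMBS];
        memcpy(a1, a0, sizeof a1); memcpy(b1, b0, sizeof b1);
        memcpy(a2, a0, sizeof a2); memcpy(b2, b0, sizeof b2);
        cswap_plain(a1, b1, bit);
        cswap_randomized(a2, b2, bit, r);
        const uint64_t *ea = bit ? b0 : a0;  /* expected a after swap */
        const uint64_t *eb = bit ? a0 : b0;  /* expected b after swap */
        if (memcmp(a1, ea, sizeof a1) || memcmp(b1, eb, sizeof b1)) return 0;
        if (memcmp(a2, ea, sizeof a2) || memcmp(b2, eb, sizeof b2)) return 0;
    }
    return 1;
}

int main(void)
{
    printf("cswap self-check: %s\n", cswap_selfcheck() ? "ok" : "FAILED");
    return 0;
}
```

The randomized variant only helps if the random word is fresh per swap and opaque to the compiler; inspect the generated assembly to confirm the two ANDs have not been merged, since the algebraic identity that makes the construction correct is the same one an optimizer may use to undo it.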
    URI
    http://hdl.handle.net/1853/64029
    Collections
    • College of Computing Theses and Dissertations [1071]
    • Georgia Tech Theses and Dissertations [22401]
    • School of Computer Science Theses and Dissertations [79]
