Post: How to get private key devs only fault based attack 100 hours to get key
05-25-2011, 04:56 PM #1
teelub
Pokemon Trainer
Fault-Based Attack of RSA Authentication
Andrea Pellegrini, Valeria Bertacco and Todd Austin
University of Michigan
{apellegrini, valeria, austin}@umich.edu

sources with pics You must login or register to view this content.

ABSTRACT
For any computing system to be secure, both hardware and software
have to be trusted. If the hardware layer in a secure system
is compromised, not only it would be possible to extract secret information
about the software, but it would also be extremely hard
for the software to detect that an attack is underway. In this work
we detail a complete end-to-end fault-attack on a microprocessor
system and practically demonstrate how hardware vulnerabilities
can be exploited to target secure systems. We developed a theoretical
attack to the RSA signature algorithm, and we realized it
in practice against an FPGA implementation of the system under
attack. To perpetrate the attack, we inject transient faults in the target
machine by regulating the voltage supply of the system. Thus,
our attack does not require access to the victim system’s internal
components, but simply proximity to it.
The paper makes three important contributions: first, we develop
a systematic fault-based attack on the modular exponentiation algorithm
for RSA. Second, we expose and exploit a severe flaw on
the implementation of the RSA signature algorithm on OpenSSL, a
widely used package for SSL encryption and authentication. Third,
we report on the first physical demonstration of a fault-based security
attack of a complete microprocessor system running unmodified
production software: we attack the original OpenSSL authentication
library running on a SPARC Linux system implemented
on FPGA, and extract the system’s 1024-bit RSA private key in
approximately 100 hours.
1. INTRODUCTION
Public-key cryptography schemes (Figure 1.a) are widely adopted
wherever there is a need to secure or authenticate confidential data
on a public communication network. When deployed with sufficiently
long keys, these algorithms are believed to be unbreakable.
Strong cryptographic algorithms were first introduced to secure
communications among high performance computers that required
elevated confidentiality guarantees. Today, advances in semiconductor
technology and hardware design have made it possible to
execute these algorithms in reasonable time even on consumer systems,
thus enabling the mass-market use of strong encryption to
ensure privacy and authenticity of individuals’ personal communications.
Consequently, this transition has enabled the proliferation
of a variety of secure services, such as online banking and shopping.
Examples of consumer electronics devices that routinely rely
on high-performance public key cryptography are Blu-ray players,
smart phones, and ultra-portable devices. In addition, low-cost
cryptographic engines are mainstream components in laptops,
servers and personal computers. A key requirement for all these
hardware devices is that they must be affordable. As a result, they
commonly implement a straightforward design architecture that entails
a small silicon footprint and low-power profile.
Our research focuses on developing an effective attack on mass-market
crypto-chips. Specifically, we demonstrate an effective way
to perpetrate fault-based attacks on a microprocessor system in order
to extract the private key from the cryptographic routines that
it executes





Anyone with a good Linux system up for the challenge? This does work; we had to perform this attack to prove a theory of a classmate's. Should still work with the way gay arc implemented their RSA. Poor college student also, so the only time I have processing power like that is at school. If someone is willing to try, I will help and do most of the research with them. I also have a theory on a man-in-the-middle attack given us the authentication keys; I'm attempting now, will post result later.

The following 2 users say thank you to teelub for this useful post:

ResistTheMoon, killa skillz

The following 7 users groaned at teelub for this awful post:

BAMF, Dante., ibombo, Implicit, Strike Venom, Swade, Swifter
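
An added illustration, not part of the original post or the paper: the attack in the abstract relies on the target releasing signatures corrupted by a transient fault, so a signer that verifies each signature with the public key before output withholds them. The toy key, the simulated bit flip and all function names are assumptions; the loop is schoolbook square-and-multiply, not OpenSSL's code.

```python
# Constructed toy key (two Mersenne primes); real keys are 1024 bits or more.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def modexp(base, exp, mod, fault_at=None, fault_bit=0):
    """Left-to-right square-and-multiply.

    If fault_at is set, one bit of the running value is flipped after that
    iteration, standing in for a transient hardware fault (hypothetical model).
    """
    acc = 1
    for i, bit in enumerate(bin(exp)[2:]):
        acc = (acc * acc) % mod
        if bit == "1":
            acc = (acc * base) % mod
        if i == fault_at:
            acc ^= 1 << fault_bit
    return acc


def sign(m, fault_at=None, fault_bit=0):
    """Textbook RSA signature s = m^D mod N, optionally with a simulated fault."""
    return modexp(m, D, N, fault_at, fault_bit)


def verify(m, s):
    """Public-key check: a correct signature satisfies s^E mod N == m."""
    return pow(s, E, N) == m % N


def sign_checked(m, fault_at=None, fault_bit=0, retries=3):
    """Release a signature only if it verifies; recompute otherwise.

    The simulated fault is applied on the first attempt only, as a transient
    fault would be. Returns (signature, attempts_discarded).
    """
    for attempt in range(retries):
        s = sign(m, fault_at if attempt == 0 else None, fault_bit)
        if verify(m, s):
            return s, attempt
    raise RuntimeError("persistent signing fault; refusing to output")
```

A faulty result never leaves `sign_checked`, so the caller sees only valid signatures or an error.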
05-25-2011, 05:17 PM #11
AMNE
Big Daddy
wow I'm finally done reading, f*** this was long but very interesting, thanks

The following user thanked AMNE for this useful post:

teelub
05-25-2011, 05:19 PM #12
teelub
Pokemon Trainer
ok, besides the fact everyone's saying it's a copy, do any of you know what this can lead 2?
05-25-2011, 05:20 PM #13
MarijuanaBlunts
I Love Marijuana
Originally posted by teelub View Post
ok, besides the fact everyone's saying it's a copy, do any of you know what this can lead 2?


You must login or register to view this content. why didn't u just post the original pdf .. it's a horrible copy and paste job... no images or anything LOL .. remove all that crap and put a link to this... a lot easier on the eyes!
05-25-2011, 05:20 PM #14
teelub
Pokemon Trainer
Originally posted by Amne View Post
wow I'm finally done reading, f*** this was long but very interesting, thanks


thx +rep for u, that's what I'm saying, if I had a little more processing power I would shut these leechers up
05-25-2011, 05:20 PM #15
Mr. DarkKV
League Champion
Shameful copy and paste
05-25-2011, 05:23 PM #16
teelub
Pokemon Trainer
Originally posted by rbober316 View Post
You must login or register to view this content. why didn't u just post the original pdf .. it's a horrible copy and paste job... no images or anything LOL .. remove all that crap and put a link to this... a lot easier on the eyes!


R u happy now lol

---------- Post added at 01:23 PM ---------- Previous post was at 01:22 PM ----------

Originally posted by Mr.
Shameful copy and paste


quick ? if this is such a bad copy and post why hasn't anyone done this and posted keys ?
05-25-2011, 05:26 PM #17
MarijuanaBlunts
I Love Marijuana
Originally posted by teelub View Post
R u happy now lol

---------- Post added at 01:23 PM ---------- Previous post was at 01:22 PM ----------



quick ? if this is such a bad copy and post why hasn't anyone done this and posted keys ?


People HAVE done this.. I'm sure of it and they have the keys and don't care to release them ( Could be rumors up the ass but who knows ) ... also NO I am not happy now.. remove the copy and paste and put the link ONLY then I'd be happier.. the copy and paste is a huge fail....
05-25-2011, 05:30 PM #18
ZoneHD
Shiver do you lift?
Originally posted by Amne View Post
wow I'm finally done reading, f*** this was long but very interesting, thanks


Lies...

Total lies, I thought Oh this might be good! Then after 3 mins I got a case of tl;dr
05-25-2011, 05:34 PM #19
AMNE
Big Daddy
Originally posted by teelub View Post
ok, besides the fact everyone's saying it's a copy, do any of you know what this can lead 2?


yes I do, this is very very interesting.
but it's because most people don't understand a thing of this, that's why they flame! give them a break, their heads are about to explode after reading this

---------- Post added at 12:34 PM ---------- Previous post was at 12:31 PM ----------

Originally posted by ZoneHD View Post
Lies...

Total lies, I thought Oh this might be good! Then after 3 mins I got a case of tl;dr


what do you mean, lies?
