Déjà Vu: Side-Channel Analysis of Mozilla's NSS

Sohaib Ul Hassan; Iaroslav Gridin; Ignacio M. Delgado-Lozano; Cesar Pereida García; Jesús Javier Chi-Domínguez; Alejandro Cabrera Aldaya; Billy Bob Brumley

doi:10.1145/3372297.3421761

Déjà Vu: Side-Channel Analysis of Mozilla's NSS

Sohaib Ul Hassan, Iaroslav Gridin, Ignacio M. Delgado-Lozano, Cesar Pereida García, Jesús Javier Chi-Domínguez, Alejandro Cabrera Aldaya, Billy Bob Brumley

Computing Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

10 Citations (Scopus)

95 Downloads (Pure)

Abstract

Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries. Nevertheless, researchers continue to find and exploit the same vulnerabilities in old and new products, highlighting a big issue among vendors: effectively tracking and fixing security vulnerabilities when disclosure is not done directly to them. In this work, we present another instance of this issue by performing the first library-wide SCA security evaluation of Mozilla's NSS security library. We use a combination of two independently-developed SCA security frameworks to identify and test security vulnerabilities. Our evaluation uncovers several new vulnerabilities in NSS affecting DSA, ECDSA, and RSA cryptosystems. We exploit said vulnerabilities and implement key recovery attacks using signals - -extracted through different techniques such as timing, microarchitecture, and EM - -and improved lattice methods.

Original language	English
Title of host publication	CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
Publisher	ACM
Pages	1887-1902
Number of pages	16
ISBN (Electronic)	9781450370899
DOIs	https://doi.org/10.1145/3372297.3421761
Publication status	Published - 30 Oct 2020
Publication type	A4 Article in conference proceedings
Event	ACM SIGSAC Conference on Computer and Communications Security - Duration: 9 Nov 2020 → 13 Nov 2020

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Conference

Conference	ACM SIGSAC Conference on Computer and Communications Security
Period	9/11/20 → 13/11/20

Keywords

applied cryptography
CVE-2020-12399
CVE-2020-12401
CVE-2020-12402
CVE-2020-6829
DSA
ECDSA
lattice-based cryptanalysis
NSS
public key cryptography
RSA
side-channel analysis
software security

Publication forum classification

Publication forum level 2

ASJC Scopus subject areas

Software
Computer Networks and Communications

Access to Document

10.1145/3372297.3421761Licence: CC BY-NC-SA

3372297.3421761Final published version, 1.52 MBLicence: CC BY-NC-SA

http://urn.fi/URN:NBN:fi:tuni-202101151364Licence: CC BY-NC-SA

CVE-2020-12399: research data and tooling
Sohaib ul Hassan, N. (Creator), Gridin, I. (Creator), Delgado Lozano, I. (Creator), Pereida Garcia, C. (Creator), Chi Dominguez, J. (Creator), Cabrera Aldaya, A. (Creator) & Brumley, B. (Creator), Zenodo, 13 Aug 2020
DOI: 10.5281/zenodo.3982271
Dataset

Cite this

Hassan, S. U., Gridin, I., Delgado-Lozano, I. M., García, C. P., Chi-Domínguez, J. J., Aldaya, A. C., & Brumley, B. B. (2020). Déjà Vu: Side-Channel Analysis of Mozilla's NSS. In CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1887-1902). (Proceedings of the ACM Conference on Computer and Communications Security). ACM. https://doi.org/10.1145/3372297.3421761

@inproceedings{8c0fe464f0c2431a870e30dfdf73ba5e,

title = "D{\'e}j{\`a} Vu: Side-Channel Analysis of Mozilla's NSS",

abstract = "Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries. Nevertheless, researchers continue to find and exploit the same vulnerabilities in old and new products, highlighting a big issue among vendors: effectively tracking and fixing security vulnerabilities when disclosure is not done directly to them. In this work, we present another instance of this issue by performing the first library-wide SCA security evaluation of Mozilla's NSS security library. We use a combination of two independently-developed SCA security frameworks to identify and test security vulnerabilities. Our evaluation uncovers several new vulnerabilities in NSS affecting DSA, ECDSA, and RSA cryptosystems. We exploit said vulnerabilities and implement key recovery attacks using signals - -extracted through different techniques such as timing, microarchitecture, and EM - -and improved lattice methods.",

keywords = "applied cryptography, CVE-2020-12399, CVE-2020-12401, CVE-2020-12402, CVE-2020-6829, DSA, ECDSA, lattice-based cryptanalysis, NSS, public key cryptography, RSA, side-channel analysis, software security",

author = "Hassan, {Sohaib Ul} and Iaroslav Gridin and Delgado-Lozano, {Ignacio M.} and Garc{\'i}a, {Cesar Pereida} and Chi-Dom{\'i}nguez, {Jes{\'u}s Javier} and Aldaya, {Alejandro Cabrera} and Brumley, {Billy Bob}",

note = "Funding Information: The first author was supported in part by the Tuula and Yrj{\"o} Neuvo Fund through the Industrial Research Fund at Tampere University of Technology. Funding Information: This project has received funding from the European Research Council (ERC) under the European Union{\textquoteright}s Horizon 2020 research and innovation programme (grant agreement No 804476). Publisher Copyright: {\textcopyright} 2020 Owner/Author. Copyright: Copyright 2020 Elsevier B.V., All rights reserved. jufoid=50069; ACM SIGSAC Conference on Computer and Communications Security ; Conference date: 09-11-2020 Through 13-11-2020",

year = "2020",

month = oct,

day = "30",

doi = "10.1145/3372297.3421761",

language = "English",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "ACM",

pages = "1887--1902",

booktitle = "CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security",

address = "United States",

}

Hassan, SU , Gridin, I, Delgado-Lozano, IM, García, CP, Chi-Domínguez, JJ, Aldaya, AC & Brumley, BB 2020, Déjà Vu: Side-Channel Analysis of Mozilla's NSS. in CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, ACM, pp. 1887-1902, ACM SIGSAC Conference on Computer and Communications Security, 9/11/20. https://doi.org/10.1145/3372297.3421761

Déjà Vu: Side-Channel Analysis of Mozilla's NSS. / Hassan, Sohaib Ul ; Gridin, Iaroslav; Delgado-Lozano, Ignacio M. et al.
CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2020. p. 1887-1902 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Déjà Vu

T2 - ACM SIGSAC Conference on Computer and Communications Security

AU - Hassan, Sohaib Ul

AU - Gridin, Iaroslav

AU - Delgado-Lozano, Ignacio M.

AU - García, Cesar Pereida

AU - Chi-Domínguez, Jesús Javier

AU - Aldaya, Alejandro Cabrera

AU - Brumley, Billy Bob

N1 - Funding Information: The first author was supported in part by the Tuula and Yrjö Neuvo Fund through the Industrial Research Fund at Tampere University of Technology. Funding Information: This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No 804476). Publisher Copyright: © 2020 Owner/Author. Copyright: Copyright 2020 Elsevier B.V., All rights reserved. jufoid=50069

PY - 2020/10/30

Y1 - 2020/10/30

N2 - Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries. Nevertheless, researchers continue to find and exploit the same vulnerabilities in old and new products, highlighting a big issue among vendors: effectively tracking and fixing security vulnerabilities when disclosure is not done directly to them. In this work, we present another instance of this issue by performing the first library-wide SCA security evaluation of Mozilla's NSS security library. We use a combination of two independently-developed SCA security frameworks to identify and test security vulnerabilities. Our evaluation uncovers several new vulnerabilities in NSS affecting DSA, ECDSA, and RSA cryptosystems. We exploit said vulnerabilities and implement key recovery attacks using signals - -extracted through different techniques such as timing, microarchitecture, and EM - -and improved lattice methods.

AB - Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries. Nevertheless, researchers continue to find and exploit the same vulnerabilities in old and new products, highlighting a big issue among vendors: effectively tracking and fixing security vulnerabilities when disclosure is not done directly to them. In this work, we present another instance of this issue by performing the first library-wide SCA security evaluation of Mozilla's NSS security library. We use a combination of two independently-developed SCA security frameworks to identify and test security vulnerabilities. Our evaluation uncovers several new vulnerabilities in NSS affecting DSA, ECDSA, and RSA cryptosystems. We exploit said vulnerabilities and implement key recovery attacks using signals - -extracted through different techniques such as timing, microarchitecture, and EM - -and improved lattice methods.

KW - applied cryptography

KW - CVE-2020-12399

KW - CVE-2020-12401

KW - CVE-2020-12402

KW - CVE-2020-6829

KW - DSA

KW - ECDSA

KW - lattice-based cryptanalysis

KW - NSS

KW - public key cryptography

KW - RSA

KW - side-channel analysis

KW - software security

U2 - 10.1145/3372297.3421761

DO - 10.1145/3372297.3421761

M3 - Conference contribution

AN - SCOPUS:85096157246

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1887

EP - 1902

BT - CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security

PB - ACM

Y2 - 9 November 2020 through 13 November 2020

ER -

Hassan SU , Gridin I, Delgado-Lozano IM, García CP, Chi-Domínguez JJ, Aldaya AC et al. Déjà Vu: Side-Channel Analysis of Mozilla's NSS. In CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. ACM. 2020. p. 1887-1902. (Proceedings of the ACM Conference on Computer and Communications Security). doi: 10.1145/3372297.3421761

Déjà Vu: Side-Channel Analysis of Mozilla's NSS

Abstract

Publication series

Conference

Keywords

Publication forum classification

ASJC Scopus subject areas

Access to Document

Fingerprint

Datasets

CVE-2020-12399: research data and tooling

Cite this