Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study

Nicola Tuveri; Sohaib ul Hassan; Cesar Pereida Garcia; Billy Brumley

doi:10.1145/3274694.3274725

Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study

Nicola Tuveri, Sohaib ul Hassan, Cesar Pereida Garcia, Billy Brumley

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

17 Citations (Scopus)

83 Downloads (Pure)

Abstract

SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.

Original language	English
Title of host publication	ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference
Place of Publication	New York
Publisher	ACM
Pages	147-160
Number of pages	14
ISBN (Electronic)	978-1-4503-6569-7
DOIs	https://doi.org/10.1145/3274694.3274725
Publication status	Published - 3 Dec 2018
Publication type	A4 Article in conference proceedings
Event	Annual Computer Security Applications Conference - Duration: 3 Dec 2018 → 7 Dec 2018

Conference

Conference	Annual Computer Security Applications Conference
Period	3/12/18 → 7/12/18

Publication forum classification

Publication forum level 1

Access to Document

10.1145/3274694.3274725Licence: CC BY

Self-archived versionFinal published version, 5.01 MBLicence: CC BY

Electromagnetic (EM) side-channel traces of elliptic curve point multiplication during SM2 decryption in OpenSSL
Tuveri, N. (Creator), Sohaib ul Hassan, N. (Creator), Pereida Garcia, C. (Creator) & Brumley, B. (Creator), Zenodo, 3 Dec 2018
DOI: 10.5281/zenodo.1436828
Dataset

COST Action (External organisation)
Brumley, B. (Member)
12 Dec 2014 → 11 Dec 2018
Activity: Membership › Regular membership of a society or network

Cite this

@inproceedings{c5daf7f9d7684daf9e7b0ea78f0b6475,

title = "Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study",

abstract = "SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.",

author = "Nicola Tuveri and {ul Hassan}, Sohaib and {Pereida Garcia}, Cesar and Billy Brumley",

year = "2018",

month = dec,

day = "3",

doi = "10.1145/3274694.3274725",

language = "English",

pages = "147--160",

booktitle = "ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference",

publisher = "ACM",

address = "United States",

note = "Annual Computer Security Applications Conference ; Conference date: 03-12-2018 Through 07-12-2018",

}

Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. / Tuveri, Nicola ; ul Hassan, Sohaib; Pereida Garcia, Cesar et al.
ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference. New York: ACM, 2018. p. 147-160.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study

AU - Tuveri, Nicola

AU - ul Hassan, Sohaib

AU - Pereida Garcia, Cesar

AU - Brumley, Billy

PY - 2018/12/3

Y1 - 2018/12/3

N2 - SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.

AB - SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.

U2 - 10.1145/3274694.3274725

DO - 10.1145/3274694.3274725

M3 - Conference contribution

SP - 147

EP - 160

BT - ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference

PB - ACM

CY - New York

T2 - Annual Computer Security Applications Conference

Y2 - 3 December 2018 through 7 December 2018

ER -

Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study

Abstract

Conference

Publication forum classification

Access to Document

Fingerprint

Datasets

Electromagnetic (EM) side-channel traces of elliptic curve point multiplication during SM2 decryption in OpenSSL

Activities

COST Action (External organisation)

Cite this