Implementation of Paillier cryptosystem & fault-injection attack on CEC 1702 processor
Implementace Paillierova kryptosystému a útok injekcí chyb na procesoru CEC 1702
Authors
Supervisors
Reviewers
Editors
Other contributors
Journal Title
Journal ISSN
Volume Title
Publisher
České vysoké učení technické v Praze
Czech Technical University in Prague
Czech Technical University in Prague
Date
Abstract
Bakalářská práce se zaměřuje na práci s kryptoprocesorem CEC1702. První část práce je orientovaná na zprovoznění programování kryptoprocesoru, úpra\-vu již vzniklé implementace knihovny pro práci s velkými čísly a implementace Paillierova kryptosystému pro zmíněný kryptoprocesor. Dále je v rámci práce vytvořen firmware, který umožňuje použití šifrovacího algoritmu RSA-CRT a Paillierova kryptosystému s variabilní délkou klíče. Druhá část práce se zaměřuje na útoky pomocí injekce chyb na šifrovací algoritmus RSA-CRT. Je použito generování zákmitů na napájení a zákmitů na zdroji hodinového signálu, a to pomocí sady ChipWhisperer. Útoky jsou nejprve úspěšně provedeny na mikrokontrolér STM32F3, kdy je RSA-CRT implementováno pomocí knihovny pro práci s velkými čísly z první části práce. S využitím znalostí z útoků na STM32F3 byla vytvořena další sada útoků pro kryptoprocesor CEC1702, a to pomocí zákmitů na zdroji napájení, jelikož CEC1702 nemá možnost využívat externí zdroj hodinového signálu. Útok byl proveden na dvě verze RSA-CRT. První verze odpovídá implementaci pro STM32F3. Druhá verze využívá hardwarový akcelerátor kryptografických operací. Útok byl na~obě verze implementace úspěšný. V rámci práce je nastíněn možný postup, jakým směrem vzniklé implementace a realizované útoky injekcí chyb rozšířit. V příloze práce lze nalézt vytvořený návod pro programování kryptoprocesoru a dokumentaci k firmware.
The bachelor thesis focuses on working with the CEC1702 cryptoprocessor. The first part of the thesis is oriented on programming the cryptoprocessor, modification of existing implementation of the library for operating on large numbers, and implementation of the Paillier cryptosystem for the mentioned cryptoprocessor. The thesis also includes development of firmware that allows the use of the RSA-CRT encryption algorithm and the Paillier cryptosystem with variable key length. The second part of the thesis focuses on fault injection attacks on the RSA-CRT encryption algorithm. Power supply glitches and clock source glitches used are generated using the ChipWhisperer suite. The attacks are first successfully performed on the STM32F3 microcontroller, where RSA-CRT is implemented using the library for operating on large numbers from the first part of the thesis. Using the knowledge from the attacks on the STM32F3, a further set of attacks was designed for the CEC1702 cryptoprocessor, using only power supply glitches, as the CEC1702 does not have the ability to use an external clock source. The attack was performed on two versions of RSA-CRT. The first version corresponds to the implementation for the STM32F3. The second version uses a hardware accelerator for cryptographic operations. The attack was successful on both versions of the implementation. This thesis outlines a possible approach to extend the created implementations and the implemented fault injection attacks. Created manual for programming the cryptoprocessor and the firmware documentation can be found in the appendix of the thesis.
The bachelor thesis focuses on working with the CEC1702 cryptoprocessor. The first part of the thesis is oriented on programming the cryptoprocessor, modification of existing implementation of the library for operating on large numbers, and implementation of the Paillier cryptosystem for the mentioned cryptoprocessor. The thesis also includes development of firmware that allows the use of the RSA-CRT encryption algorithm and the Paillier cryptosystem with variable key length. The second part of the thesis focuses on fault injection attacks on the RSA-CRT encryption algorithm. Power supply glitches and clock source glitches used are generated using the ChipWhisperer suite. The attacks are first successfully performed on the STM32F3 microcontroller, where RSA-CRT is implemented using the library for operating on large numbers from the first part of the thesis. Using the knowledge from the attacks on the STM32F3, a further set of attacks was designed for the CEC1702 cryptoprocessor, using only power supply glitches, as the CEC1702 does not have the ability to use an external clock source. The attack was performed on two versions of RSA-CRT. The first version corresponds to the implementation for the STM32F3. The second version uses a hardware accelerator for cryptographic operations. The attack was successful on both versions of the implementation. This thesis outlines a possible approach to extend the created implementations and the implemented fault injection attacks. Created manual for programming the cryptoprocessor and the firmware documentation can be found in the appendix of the thesis.