nach oben

Erschienen in:

2021 | OriginalPaper | Buchkapitel

VIRSA: Vectorized In-Register RSA Computation with Memory Disclosure Resistance

verfasst von : Yu Fu, Wei Wang, Lingjia Meng, Qiongxiao Wang, Yuan Zhao, Jingqiang Lin

Erschienen in: Information and Communications Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Memory disclosure attacks give adversaries access to sensitive data in memory, posing a serious threat to the security of cryptographic systems. For example, the plain private key in RAM is exposed to the attacker during RSA operation. In this paper, we propose a register-based RSA system with high efficiency, called VIRSA, so that CRT-enabled 2048-bit RSA is entirely carried out on CPU registers. The private key and the intermediate results during the calculation process are all stored in registers, and will not appear in memory, which effectively prevents memory disclosure attacks. The input RSA parameters are encrypted by an AES key. The AES key is stored in the privileged debug registers. For performance, we use AVX-512F instruction set to accelerate the RSA calculation. We adopt vector instructions to implement 1024-bit Montgomery multiplication and make use of redundant representation to solve the carry propagation problem. Experiments on Intel Xeon Silver 4208 CPU shows that VIRSA achieves a performance factor of 0.8 compared to the OpenSSL RSA implementation, which outperforms existing approaches such as PRIME. Furthermore, we make use of the windowing method to improve the RSA performance. The precomputed table is encrypted by the AES key to ensure security. The performance of VIRSA using the fixed windowing method slightly exceeds OpenSSL, achieving a performance factor of 1.02.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Software Obfuscation with Non-Linear Mixed Boolean-Arithmetic Expressions

Nächstes Kapitel Informer: Protecting Intel SGX from Cross-Core Side Channel Threats

Halderman, J.A., et al.: Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52(5), 91–98 (2009)CrossRef

Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRef

Böck, B., Austria, S.B.: Firewire-based physical security attacks on windows 7, EFS and BitLocker. Secure Business Austria Research Lab (2009)

Carrier, B.D., Grand, J.: A hardware-based memory acquisition procedure for digital investigations. Digit. Investig. 1(1), 50–60 (2004)CrossRef

Yang, Y., Guan, Z., Liu, Z., Chen, Z.: Protecting elliptic curve cryptography against memory disclosure attacks. In: Hui, L.C.K., Qing, S.H., Shi, E., Yiu, S.M. (eds.) ICICS 2014. LNCS, vol. 8958, pp. 49–60. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21966-0_4CrossRef

Zhao, Y., Lin, J., Pan, W., Xue, C., Zheng, F., Ma, Z.: RegRSA: using registers as buffers to resist memory disclosure attacks. In: Hoepman, J.-H., Katzenbeisser, S. (eds.) SEC 2016. IAICT, vol. 471, pp. 293–307. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-33630-5_20CrossRef

Müller, T., Freiling, F.C., Dewald, A.: TRESOR runs encryption securely outside RAM. In: USENIX Security Symposium, vol. 17, p. 103 (2011)

Garmany, B., Müller, T.: PRIME: private RSA infrastructure for memory-less encryption. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 149–158 (2013)

Müller, T., Dewald, A., Freiling, F.C.: AESSE: a cold-boot resistant implementation of AES. In: Proceedings of the Third European Workshop on System Security, pp. 42–47 (2010)

10.

Simmons, P.: Security through amnesia: a software-based solution to the cold boot attack on disk encryption. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 73–82 (2011)

11.

Parker, T.P., Xu, S.: A method for safekeeping cryptographic keys from memory disclosure attacks. In: Chen, L., Yung, M. (eds.) INTRUST 2009. LNCS, vol. 6163, pp. 39–59. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14597-1_3CrossRef

12.

Pabel, J.: Frozen cache (2009). Blog: http://frozenchache.blogspot.com

13.

Guan, L., Lin, J., Luo, B., Jing, J.: Copker: computing with private keys without RAM. In: NDSS (2014)

14.

Guan, L., Lin, J., Luo, B., Jing, J., Wang, J.: Protecting private keys against memory disclosure attacks using hardware transactional memory. In: 2015 IEEE Symposium on Security and Privacy, pp. 3–19. IEEE (2015)

15.

Gueron, S., Krasnov, V.: Software implementation of modular exponentiation, using advanced vector instructions architectures. In: Özbudak, F., Rodríguez-Henríquez, F. (eds.) WAIFI 2012. LNCS, vol. 7369, pp. 119–135. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31662-3_9CrossRefMATH

16.

Intel advanced vector extensions 512 (avx-512). https://www.intel.com/content/www/us/en/architecture-and-technology/avx-512-overview.html

17.

Koc, C.K., Acar, T., Kaliski, B.S.: Analyzing and comparing montgomery multiplication algorithms. IEEE Micro 16(3), 26–33 (1996)CrossRef

18.

Koc, C.K.: High-speed RSA implementation. Technical report, TR-201, RSA Laboratories (1994)

19.

Lomont, C.: Introduction to intel advanced vector extensions. Intel white paper 23 (2011)

20.

Intel: Intel 64 and IA-32 architectures software developer’s manual volume 2 (2A, 2B, 2C & 2D): Instruction set reference, A-Z (2020)

21.

Intel intrinsics guide. https://software.intel.com/sites/landingpage/IntrinsicsGuide/

22.

Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44(170), 519–521 (1985)MathSciNetCrossRef

23.

Bernstein, D.J.: Cache-timing attacks on AES (2005)

24.

Bonneau, J., Mironov, I.: Cache-collision timing attacks against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201–215. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_16CrossRef

25.

Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005)CrossRef

Titel: VIRSA: Vectorized In-Register RSA Computation with Memory Disclosure Resistance
verfasst von: Yu Fu
Wei Wang
Lingjia Meng
Qiongxiao Wang
Yuan Zhao
Jingqiang Lin
Verlag: Springer International Publishing
Buch: Information and Communications Security
Print ISBN: 978-3-030-86889-5

Electronic ISBN: 978-3-030-86890-1

Copyright-Jahr: 2021
DOI: https://doi.org/10.1007/978-3-030-86890-1_17

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner