Whip the Whisperer: Simulating Side Channel Leakage

"Discover the surprising ways AES engines leak side-channel information, and learn how to identify these weaknesses using gate-level modeling, correlation power analysis, and simulators like Skate to design more secure chips."

Key takeaways
  • AES engine leaks in unexpected places, not just the CPU
  • Measured leakage in 10 rounds, mostly before AES engine takes over
  • CPA (Correlation Power Analysis) used to analyze side-channel leakage
  • Masks used to mitigate leakage, but not effective enough
  • Gate-level modeling necessary to identify leakage points
  • Found leakage in ALUs and registers in the AES engine
  • 3 types of leakage: power, EM, and timing
  • Masking does not completely eliminate leakage, just shifts it
  • Countermeasures need to be designed in from the start, not as an afterthought
  • Correlation analysis can identify leakage, even with masking
  • Simulators like Skate can help design and test secure chips
  • Real-world chips are often not tested for side-channel leakage
  • AES masking is not enough to protect against side-channel attacks
  • Countermeasures should be designed to be resilient against multiple types of attacks
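The takeaways that masking "just shifts" leakage and that registers leak can be shown with a small designer-side leakage assessment on simulated traces. This is an added example, not code from the talk or from the simulator it mentions. The Hamming-weight/Hamming-distance power model, the Gaussian noise, the key byte and the register-overwrite scenario are all assumptions made for illustration.

```python
import random

def hw(v):
    """Hamming weight: number of set bits in a byte."""
    return bin(v).count("1")

def pearson(a, b):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / (va * vb) ** 0.5

def assess(n=4000, key=0x3C, noise_sd=1.0, seed=1):
    """Correlate simulated power samples with HW of the sensitive value.

    The designer knows the key (constructed value here), so this is an
    assessment of where a design leaks, not a key search.
    """
    rng = random.Random(seed)
    model = []  # HW(x), the first-order leakage hypothesis
    power = {"unmasked": [], "masked_share": [], "register_overwrite": []}
    for _ in range(n):
        x = rng.randrange(256) ^ key   # sensitive intermediate (input XOR key)
        m = rng.randrange(256)         # fresh uniform mask per execution
        masked = x ^ m                 # the share the datapath handles
        model.append(hw(x))
        # 1) Unprotected datapath: power follows HW(x).
        power["unmasked"].append(hw(x) + rng.gauss(0, noise_sd))
        # 2) Masked share on its own: HW(x ^ m) is independent of x.
        power["masked_share"].append(hw(masked) + rng.gauss(0, noise_sd))
        # 3) A register holding m is overwritten with x ^ m: switching
        #    power follows the Hamming distance HD(m, x ^ m) = HW(x).
        power["register_overwrite"].append(hw(m ^ masked) + rng.gauss(0, noise_sd))
    return {name: pearson(trace, model) for name, trace in power.items()}

if __name__ == "__main__":
    for name, r in assess().items():
        print(f"{name:20s} r = {r:+.3f}")
```

The masked share shows no first-order correlation, yet the register-overwrite sample correlates as strongly as the unmasked design, which is the kind of leakage point that only appears once register transitions are modeled.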