Tampere University of Technology

TUTCRIS Research Portal

Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Scientific; peer-review

Standard

Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. / Tuveri, Nicola; ul Hassan, Sohaib; Pereida Garcia, Cesar; Brumley, Billy.

ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference. New York : ACM, 2018. p. 147-160.

Harvard

Tuveri, N, ul Hassan, S, Pereida Garcia, C & Brumley, B 2018, Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. in ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference. ACM, New York, pp. 147-160, Annual Computer Security Applications Conference, 3/12/18. https://doi.org/10.1145/3274694.3274725

APA

Tuveri, N., ul Hassan, S., Pereida Garcia, C., & Brumley, B. (2018). Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. In ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference (pp. 147-160). New York: ACM. https://doi.org/10.1145/3274694.3274725

Vancouver

Tuveri N, ul Hassan S, Pereida Garcia C, Brumley B. Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. In ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference. New York: ACM. 2018. p. 147-160 https://doi.org/10.1145/3274694.3274725

Author

Tuveri, Nicola ; ul Hassan, Sohaib ; Pereida Garcia, Cesar ; Brumley, Billy. / Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference. New York : ACM, 2018. pp. 147-160

BibTeX

@inproceedings{c5daf7f9d7684daf9e7b0ea78f0b6475,
title = "Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study",
abstract = "SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.",
author = "Nicola Tuveri and {ul Hassan}, Sohaib and {Pereida Garcia}, Cesar and Billy Brumley",
year = "2018",
month = "12",
day = "3",
doi = "10.1145/3274694.3274725",
language = "English",
pages = "147--160",
booktitle = "ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference",
publisher = "ACM",

}

RIS (suitable for import to EndNote)

TY - GEN

T1 - Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study

AU - Tuveri, Nicola

AU - ul Hassan, Sohaib

AU - Pereida Garcia, Cesar

AU - Brumley, Billy

PY - 2018/12/3

Y1 - 2018/12/3

N2 - SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.

AB - SM2 is a public key cryptography suite originating from Chinese standards, including digital signatures and public key encryption. Ahead of schedule, code for this functionality was recently mainlined in OpenSSL, marked for the upcoming 1.1.1 release. We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks. To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade. We carry out remote timings, cache timings, and EM analysis, with accompanying empirical data to demonstrate secret information leakage during execution of both digital signature generation and public key decryption. Finally, we propose, implement, and empirically evaluate countermeasures.

U2 - 10.1145/3274694.3274725

DO - 10.1145/3274694.3274725

M3 - Conference contribution

SP - 147

EP - 160

BT - ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference

PB - ACM

CY - New York

ER -