On Jan 29, 2:57=A0pm, austin
<aus...@xilinx.com> wrote:
> Differential Power Attack has been known (and used) for many years
> now, (it is not new at all)
>
> DPA was originally used to hack credit cards in Europe, and there are
> many other recorded (successful) attacks, as well.
>
> CRI is making a lot of noise about their alleged crack of one Virtex
> II Pro, 3DES key (168 bits), on one platform designed to facilitate
> just such attacks. =A0Is this claim confirmed? =A0By whom? =A0If I loaded
> the "secret" key, and I know the value, and then I claim I
> "discovered" its value ... seems that the real "key" here is to
> authentication: =A0who do you believe, and how can you be sure? =A0The
> 'motivation' for this seems unusually coincidental, as well...
>
> They also own a lot of IP, for the express purpose of countering
> DPA .... and making money. =A0They are looking for business. =A0If you
> want to protect yourself from DPA (and you think their methods might
> work), and you are very rich, give them a call. =A0Seems they need
> money. =A0Don't we all! =A0See 'motivation', above.
>
> The job of preventing ALL attacks, is known as anti tamper: =A0detect an
> attack, and remove all information of value (prevent the attack).
>
> Anti-tamper is not "owned" by CRI, and anyone can implement AT
> techniques, and, in any system that is supposed to be secure, AT is
> required.
>
> "Denial of Service" is another attack to worry about, and if you have
> physical access to a device, then a hammer is sufficient to conclude
> an effective "denial of service." =A0Removing the batteries, or
> unplugging the system can also be very effective.
>
> So, security is a big field, with many things to think (anticipate)
> about. =A0DPA is just one attack, of many.
>
> Like I said, if you are worried about DPA, then you should also be
> worried about DoS, AT, and many other forms of attack. =A0By itself, DPA
> might be the least of your concerns.
>
> If you already work in this field, you already know that there are
> existing solutions for all of these attacks. =A0Attackers have a natural
> advantage: =A0they can think up new attacks all day long. =A0Defenders
> have it tough: =A0they must defend against ALL present, and future
> attacks, right now.
>
> And, there are not only threats to your systems, there are threats to
> your way of doing business: =A0If you are unfortunate enough to have
> implemented a defense that someone else has a patent on, then you will
> face an entirely different threat: =A0someone demanding money!
>
> I wish CRI all the best in their endeavors,
>
> Austin

Austin,

Thanks for your insights. I was rather hoping you would jump in on
this question.

I'm pretty skeptical of the claimed vulnerabilities. I imagine that
it's possible to extract a key with DPA under properly controlled
conditions, but it seems to me that controlling the conditions for any
random hardware that the black hats want to crack would be fairly
difficult. As I mentioned to my boss when he pointed this article out
to me, the first question that I ask when I read something like this
is "What are they trying to sell?" and you've answered that one.

In my case, we're protecting IP - we don't want our algorithms out
there. Others may be protecting the processed data, or guarding
against counterfeiting. Each of these requires a different web of
protection, and bitstream encryption is just one strand in the web.
Prudence dictates your web have more than one strand.

Eric

On Jan 29, 5:35=A0pm, emeb
<ebromba...@gmail.com> wrote:
> On Jan 29, 2:57=A0pm, austin <aus...@xilinx.com> wrote:
>
>
>
> > Differential Power Attack has been known (and used) for many years
> > now, (it is not new at all)
>
> > DPA was originally used to hack credit cards in Europe, and there are
> > many other recorded (successful) attacks, as well.
>
> > CRI is making a lot of noise about their alleged crack of one Virtex
> > II Pro, 3DES key (168 bits), on one platform designed to facilitate
> > just such attacks. =A0Is this claim confirmed? =A0By whom? =A0If I load=
ed
> > the "secret" key, and I know the value, and then I claim I
> > "discovered" its value ... seems that the real "key" here is
to
> > authentication: =A0who do you believe, and how can you be sure? =A0The
> > 'motivation' for this seems unusually coincidental, as well...
>
> > They also own a lot of IP, for the express purpose of countering
> > DPA .... and making money. =A0They are looking for business. =A0If you
> > want to protect yourself from DPA (and you think their methods might
> > work), and you are very rich, give them a call. =A0Seems they need
> > money. =A0Don't we all! =A0See 'motivation', above.
>
> > The job of preventing ALL attacks, is known as anti tamper: =A0detect a=
n
> > attack, and remove all information of value (prevent the attack).
>
> > Anti-tamper is not "owned" by CRI, and anyone can implement AT
> > techniques, and, in any system that is supposed to be secure, AT is
> > required.
>
> > "Denial of Service" is another attack to worry about, and if you have
> > physical access to a device, then a hammer is sufficient to conclude
> > an effective "denial of service." =A0Removing the batteries, or
> > unplugging the system can also be very effective.
>
> > So, security is a big field, with many things to think (anticipate)
> > about. =A0DPA is just one attack, of many.
>
> > Like I said, if you are worried about DPA, then you should also be
> > worried about DoS, AT, and many other forms of attack. =A0By itself, DP=
A
> > might be the least of your concerns.
>
> > If you already work in this field, you already know that there are
> > existing solutions for all of these attacks. =A0Attackers have a natura=
l
> > advantage: =A0they can think up new attacks all day long. =A0Defenders
> > have it tough: =A0they must defend against ALL present, and future
> > attacks, right now.
>
> > And, there are not only threats to your systems, there are threats to
> > your way of doing business: =A0If you are unfortunate enough to have
> > implemented a defense that someone else has a patent on, then you will
> > face an entirely different threat: =A0someone demanding money!
>
> > I wish CRI all the best in their endeavors,
>
> > Austin
>
> Austin,
>
> Thanks for your insights. I was rather hoping you would jump in on
> this question.
>
> I'm pretty skeptical of the claimed vulnerabilities. I imagine that
> it's possible to extract a key with DPA under properly controlled
> conditions, but it seems to me that controlling the conditions for any
> random hardware that the black hats want to crack would be fairly
> difficult. As I mentioned to my boss when he pointed this article out
> to me, the first question that I ask when I read something like this
> is "What are they trying to sell?" and you've answered that one.
>
> In my case, we're protecting IP - we don't want our algorithms out
> there. Others may be protecting the processed data, or guarding
> against counterfeiting. Each of these requires a different web of
> protection, and bitstream encryption is just one strand in the web.
> Prudence dictates your web have more than one strand.
>
> Eric

A key point to keep in mind: DPA requires many samples in order to
improve the signal to noise ratio. The defender can add noise, make
sampling more difficult, or both.

John

On 1/28/2010 11:55 PM, emeb wrote:
>
> A lot of scary hype and generalities, but the underlying message seems
> to be that by using Differential Power Analysis it's possible to
> decrypt a protected FPGA design. Basic idea is to monitor the power
> consumption while loading the encrypted design, then via some kind of
> magic infer what the plaintext bitstream is and then reverse engineer
> it.
>
> Sounds like someone at a security research outfit is trying to sell
> some consulting hours to me, but what's the general feeling about
> this? Is this a real threat, and what are the realistic barriers to
> applying this attack?
>
> Eric

If you're that interested, why not give them one of your boards and say 
you'll consider buying their product if they can tell you the key?
Cheers, Syms.

On 29 Jan., 08:45, Kolja Sulimma
<ksuli...@googlemail.com> wrote:
> DPA =A0should be relatively easy on FPGAs. (But still hard)
> Usually an attacker using DPA has to guess the workings of the
> algorithm
> in the device. They use lots of statisctics to find clock cycles that
> show
> a small difference in power consumption when the key has a 1 or 0 at
> a certain bit.
>
> The advantage of an attack an on FPGA is, that the attacker can buy an
> identical FPGA and start experimenting with his own keys and own
> bitstreams

Thinking about doing this for devices with OTP Key engaging a good
industry spy may be cheaper and quicker.