How Secure Is Green IT? The Case of Software-Based Energy Side Channels

Software-based energy measurement features in contemporary CPUs allow one to track and to limit energy consumption, e.g., for realizing green IT. The security implications of software-based energy measurement, however, are not well understood. In this article, we study such security implications of green IT. More concretely, we show that side-channel attacks can be established using software-based energy measurement at the example of a popular RSA implementation. Using distinguishing experiments, we identify a side-channel vulnerability that enables attackers to distinguish RSA keys by measuring energy consumption. We demonstrate that a surprisingly low number of sample measurements suffices to succeed in an attack with high probability. In contrast to traditional power side-channel attacks, no physical access to hardware is needed. This makes the vulnerabilities particularly serious.

[1]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[2]  Gernot Heiser,et al.  The Last Mile: An Empirical Study of Timing Channels on seL4 , 2014, CCS.

[3]  David Schultz,et al.  The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks , 2005, ICISC.

[4]  Billy Bob Brumley,et al.  Remote Timing Attacks Are Still Practical , 2011, ESORICS.

[5]  Heiko Mantel,et al.  Transforming Out Timing Leaks, More or Less , 2015, ESORICS.

[6]  Tom Chothia,et al.  Statistical Measurement of Information Leakage , 2010, TACAS.

[7]  Jonathan K. Millen,et al.  Covert Channel Capacity , 1987, 1987 IEEE Symposium on Security and Privacy.

[8]  Hermann Härtig,et al.  Measuring energy consumption for short code paths using RAPL , 2012, PERV.

[9]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[10]  Gabi Nakibly,et al.  PowerSpy: Location Tracking Using Mobile Device Power Analysis , 2015, USENIX Security Symposium.

[11]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[12]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[13]  Christof Paar,et al.  A New Class of Collision Attacks and Its Application to DES , 2003, FSE.

[14]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.

[15]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[16]  Frédéric Valette,et al.  Enhancing Collision Attacks , 2004, CHES.

[17]  Heiko Mantel,et al.  A Systematic Study of Cache Side Channels Across AES Implementations , 2017, ESSoS.

[18]  Jan Reineke,et al.  CacheAudit: A Tool for the Static Analysis of Cache Side Channels , 2013, TSEC.

[19]  Pankaj Rohatgi,et al.  Introduction to differential power analysis , 2011, Journal of Cryptographic Engineering.

[20]  Suguru Arimoto,et al.  An algorithm for computing the capacity of arbitrary discrete memoryless channels , 1972, IEEE Trans. Inf. Theory.

[21]  Onur Aciiçmez,et al.  Predicting Secret Keys Via Branch Prediction , 2007, CT-RSA.

[22]  Romain Rouvoy,et al.  Monitoring Energy Hotspots in Software Energy Profiling of Software Code , 2014 .

[23]  Lin Yan,et al.  A Study on Power Side Channels on Mobile Devices , 2015, Internetware.

[24]  No License,et al.  Intel ® 64 and IA-32 Architectures Software Developer ’ s Manual Volume 3 A : System Programming Guide , Part 1 , 2006 .

[25]  Kenneth G. Paterson,et al.  Lucky Thirteen: Breaking the TLS and DTLS Record Protocols , 2013, 2013 IEEE Symposium on Security and Privacy.

[26]  Romain Rouvoy,et al.  Monitoring energy hotspots in software , 2014, Automated Software Engineering.

[27]  Juliane Krämer,et al.  Bounding the Cache-Side-Channel Leakage of Lattice-Based Signature Schemes Using Program Semantics , 2017, FPS.

[28]  Jean-Jacques Quisquater,et al.  Information Theoretic Evaluation of Side-Channel Resistant Logic Styles , 2007, CHES.

[29]  Rahul Khanna,et al.  RAPL: Memory power estimation and capping , 2010, 2010 ACM/IEEE International Symposium on Low-Power Electronics and Design (ISLPED).

[30]  Richard E. Blahut,et al.  Computation of channel capacity and rate-distortion functions , 1972, IEEE Trans. Inf. Theory.

[31]  Thomas M. Cover,et al.  Elements of Information Theory 2006 , 2009 .

[32]  Robert H. Sloan,et al.  Power Analysis Attacks of Modular Exponentiation in Smartcards , 1999, CHES.

[33]  Yuval Yarom,et al.  FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[34]  Sorin Lerner,et al.  On Subnormal Floating Point and Abnormal Timing , 2015, 2015 IEEE Symposium on Security and Privacy.

[35]  Tom Chothia,et al.  A Traceability Attack against e-Passports , 2010, Financial Cryptography.

[36]  Gilles Barthe,et al.  Preventing Timing Leaks Through Transactional Branching Instructions , 2006, QAPL.

[37]  Jason Flinn,et al.  Quantifying the energy consumption of a pocket computer and a Java virtual machine , 2000, SIGMETRICS '00.

[38]  Geoffrey Smith,et al.  Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.

[39]  Stefan Mangard,et al.  A Simple Power-Analysis (SPA) Attack on Implementations of the AES Key Expansion , 2002, ICISC.

[40]  Heiko Mantel,et al.  Transformational typing and unification for automatically correcting insecure programs , 2007, International Journal of Information Security.

[41]  François-Xavier Standaert,et al.  Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA , 2009, CHES.

[42]  Heiko Mantel,et al.  An Evaluation of Bucketing in Systems with Non-deterministic Timing Behavior , 2018, SEC.

[43]  David A. Basin,et al.  An information-theoretic model for adaptive side-channel attacks , 2007, CCS '07.

[44]  Stefan Mangard,et al.  ARMageddon: Cache Attacks on Mobile Devices , 2015, USENIX Security Symposium.

[45]  Johan Agat,et al.  Transforming out timing leaks , 2000, POPL '00.

[46]  Roman Novak,et al.  SPA-Based Adaptive Chosen-Ciphertext Attack on RSA Implementation , 2002, Public Key Cryptography.

[47]  Dan Page,et al.  Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel , 2002, IACR Cryptol. ePrint Arch..