[分享]OpenSSL中文电子档。
※ 這是一篇破解 Open SSL 的技術文章.....,原本想放在RSA類,因為考量內容談論 Open SSL,且加百力版主正致力研究 Open SSL..... New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures Onur Acıic¸mez1, Shay Gueron2;3, and Jean-Pierre Seifert4 1 Samsung Information Systems America, San Jose, USA 2 Department of Mathematics, University of Haifa, Haifa, 31905, ISRAEL 3 Intel Corporation, IDC, ISRAEL 4 Institute for Computer Science, University of Innsbruck, 6020 Innsbruck, AUSTRIA [email]onur.aciicmez@gmail.com[/email], [email]shay@math.haifa.ac.il[/email], [email]jeanpierreseifert@yahoo.com[/email] Abstract Software based side-channel attacks allow an unprivileged spy process to extract secret information from a victim (cryptosystem) process by exploiting some indirect leakage of “side-channel” information. It has been realized that some components of modern computer microarchitectures leak certain side-channel information and can create unforeseen security risks. An example of such MicroArchitectural Side-Channel Analysis is the Cache Attack — a group of attacks that exploit information leaks from cache latencies [4, 7, 13, 15, 17]. Public awareness of Cache Attack vulnerabilities lead software writers of OpenSSL (version 0.9.8a and subsequent versions) to incorporate countermeasures for preventing these attacks. In this paper, we present a new and yet unforeseen side channel attack that is enabled by the recently published Simple Branch Prediction Analysis (SBPA) which is another type of MicroArchitectural Analysis, cf. [2, 3]. We show that modular inversion — a critical primitive in public key cryptography — is a natural target of SBPA attacks because it typically uses the Binary Extended Euclidean algorithm whose nature is an input-centric sequence of conditional branches. Our results show that SBPA can be used to extract secret parameters during the execution of the Binary Extended Euclidean algorithm. 
This poses a new potential risk to crypto-applications such as OpenSSL, which already employs Cache Attack countermeasures. Thus, it is necessary to develop new software mitigation techniques for BPA and incorporate them with cache analysis countermeasures in security applications. To mitigate this new risk in full generality, we apply a security-aware algorithm design methodology and propose some changes to the CRT-RSA algorithm flow. These changes either avoid some of the steps that require modular inversion, or remove the critical information leak from this procedure. In addition, we also show by example that, independently of the required changes in the algorithms, careful software analysis is also required in order to assure that the software implementation does not inadvertently introduce branches that may expose the application to SBPA attacks. These offer several simple ways for modifying OpenSSL in order to mitigate Branch Prediction Attacks. Keywords: Side channel attacks, branch prediction attacks, cache eviction attacks, Binary Extended Euclidean Algorithm, modular inversion, software mitigation methods, OpenSSL, RSA, CRT. |
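The input-dependent control flow the abstract attributes to the Binary Extended Euclidean algorithm, as an added example that is not code from the paper or from the post: the inverse routine records every conditional branch it takes, so two different secret operands visibly produce two different branch traces, and a generic multiplicative-blinding wrapper (my illustration, not the paper's specific CRT-RSA changes) shows one way to decouple that trace from the secret. The modulus 1000003 and the blinding factor are constructed values.

```python
"""Added example, not code from the paper or the forum post: every branch in
the Binary Extended Euclidean Algorithm (BEEA) is decided by its operands, so
the branch trace is a function of the secret input. Blinding is shown as a
generic countermeasure for illustration only."""
import math
import secrets


def beea_inverse(a, m, trace=None):
    """Return a^-1 mod m for odd m with gcd(a, m) == 1 (binary extended
    Euclid). Each conditional branch appends a symbol to `trace`: U/V for a
    halving step on u or v, S/s for which operand the subtraction reduced."""
    if m % 2 == 0 or math.gcd(a, m) != 1:
        raise ValueError("need an odd modulus and an invertible a")
    log = trace.append if trace is not None else (lambda s: None)
    u, v, x1, x2 = a % m, m, 1, 0      # invariants: u = x1*a, v = x2*a (mod m)
    while u != 1 and v != 1:
        while u % 2 == 0:              # taken/not-taken depends on secret u
            u //= 2
            x1 = x1 // 2 if x1 % 2 == 0 else (x1 + m) // 2
            log("U")
        while v % 2 == 0:
            v //= 2
            x2 = x2 // 2 if x2 % 2 == 0 else (x2 + m) // 2
            log("V")
        if u >= v:                     # comparison leaks operand ordering
            u, x1 = u - v, x1 - x2
            log("S")
        else:
            v, x2 = v - u, x2 - x1
            log("s")
    return x1 % m if u == 1 else x2 % m


def branch_trace(a, m):
    """Branch pattern BEEA follows for (a, m): what a branch-prediction spy
    observes instead of the inverse itself."""
    trace = []
    beea_inverse(a, m, trace)
    return "".join(trace)


def blinded_inverse(a, m):
    """a^-1 = r * (a*r)^-1 mod m with a fresh random r, so the trace BEEA
    produces depends on the blinded value a*r rather than directly on a."""
    r = secrets.randbelow(m - 1) + 1   # constructed blinding factor
    while math.gcd(r, m) != 1:
        r = secrets.randbelow(m - 1) + 1
    return beea_inverse(a * r % m, m) * r % m


if __name__ == "__main__":
    for a in (3, 5):                   # two secrets, two different traces
        print(a, branch_trace(a, 7), beea_inverse(a, 7))
```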
[Share] Kong-Song Protocol.
You're right too. I originally wanted to divide them into several categories: public key, RFID, stream cipher, digital signature, RSA, ElGamal, block cipher, key agreement, AES, ID-based, watermarking and so on. Basically, I have read every paper I posted here and I know where their weaknesses are. I should slow down a bit and classify them properly. Thank you for your suggestion and reminder.
[Original] Research on stream ciphers embedding magic squares in random storage -- Utility
Wow~~ The three musketeers Loka, arab and lingyu have all shown up. Plus the two heroes ccfer and sessiondiy,....heh....heh.... What a lively crowd~~ And of course other moderators are joining in too~~
[Original] Research on stream ciphers embedding magic squares in random storage -- Utility
1) This method is not the stream cipher you know from LFSR (Linear Feedback Shift Register) and LCG (Linear Congruential Generator). You can't just see "stream cipher" and conclude that it is something ancient. This is a stream cipher built on a public key basis combined with quadratic residues, very similar in form to an LCG. What you know is probably only the information about LFSR being broken; you may not have updated to the new information yet. 2) This method shares 3 properties with quantum crypto, so it is quite worth looking at. I just explain it in a very down-to-earth way so that everyone knows what it is. 3) If you really think it's nothing, that's fine; you are welcome to challenge it, so that I can better know where its weaknesses are. Thanks.
[Original] Research and code implementation of a PE-infecting virus, with code and paper attached
1) If this program runs in pure DOS mode, it cannot take effect. When someone debugs it in pure DOS mode, the virus code is easily found, because it is not infectious in pure DOS mode. I suggest the original author add the ability to execute in a pure DOS environment. 2) If this code were added... then when it triggers it would also take the boot sector and MBR and..... mov al,02h mov cx,1000h int 26h Would that be too...... 3) The above is just talk, don't take it seriously.
[Original] Research on stream ciphers embedding magic squares in random storage -- Utility
Understood. If you do understand it, please kindly explain it to ccfer. Several members have praised your expertise in crypto; thank you for taking the time to participate. PS. But I still don't understand what you mean by "ancient and outdated"?
[Original][凌波微步] Mispand encryption method
1) I suggest implementing this algorithm as software. 2) Then, following the same pattern as my post 【原创】植基於RSA加密演算法頻率特性之研究--- Utilities, provide a plain.txt and a cipher.txt so that everyone can actually compare the differences between them. 3) What does the OP think?
[Suggestion] To friends of the cryptography board. (Chat or check-in thread)
"Much of the work I've been doing lately is related to cryptography, especially development with OpenSSL; I find it very interesting." Moderator 加百力, aren't you exaggerating a bit? I'm just a beginner and know less than all of you.
[Help] rockinuk, please come in
Let's all work hard together. ^_^ Because my computer only has Traditional Chinese, if it accidentally crashed I would have to send it back to Taiwan. So I am not planning to install other software for now; when I get back to Taipei I will install a Simplified Chinese system. Please bear with me during this time. ^_*
[Suggestion] To friends of the cryptography board. (Chat or check-in thread)
Ha~~ha~~ha~~ thank you for your blessing~~ I'd rather just stay a trainee~~ that suits me better~~ ^^ Once my current tasks are done~~ I'll leave~~ There are too many experts here~~ I'm scared~@@~~