Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 1 | From e2202ff2b704623efc6277fb5256e4e15bac5676 Mon Sep 17 00:00:00 2001 |
| 2 | From: Werner Koch <wk@gnupg.org> |
| 3 | Date: Thu, 25 Jul 2013 11:17:52 +0200 |
| 4 | Subject: [PATCH] Mitigate a flush+reload cache attack on RSA secret |
| 5 | exponents. |
| 6 | |
| 7 | commit e2202ff2b704623efc6277fb5256e4e15bac5676 from |
| 8 | git://git.gnupg.org/libgcrypt.git |
| 9 | |
| 10 | * mpi/mpi-pow.c (gcry_mpi_powm): Always perfrom the mpi_mul for |
| 11 | exponents in secure memory. |
| 12 | |
| 13 | Upstream-Status: Backport |
| 14 | |
| 15 | Signed-off-by: Kai Kang <kai.kang@windriver.com> |
| 16 | -- |
| 17 | |
| 18 | The attack is published as http://eprint.iacr.org/2013/448 : |
| 19 | |
| 20 | Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel |
| 21 | Attack by Yuval Yarom and Katrina Falkner. 18 July 2013. |
| 22 | |
| 23 | Flush+Reload is a cache side-channel attack that monitors access to |
| 24 | data in shared pages. In this paper we demonstrate how to use the |
| 25 | attack to extract private encryption keys from GnuPG. The high |
| 26 | resolution and low noise of the Flush+Reload attack enables a spy |
| 27 | program to recover over 98% of the bits of the private key in a |
| 28 | single decryption or signing round. Unlike previous attacks, the |
| 29 | attack targets the last level L3 cache. Consequently, the spy |
| 30 | program and the victim do not need to share the execution core of |
| 31 | the CPU. The attack is not limited to a traditional OS and can be |
| 32 | used in a virtualised environment, where it can attack programs |
| 33 | executing in a different VM. |
| 34 | |
| 35 | Index: gnupg-1.4.7/mpi/mpi-pow.c |
| 36 | =================================================================== |
| 37 | --- gnupg-1.4.7.orig/mpi/mpi-pow.c |
| 38 | +++ gnupg-1.4.7/mpi/mpi-pow.c |
| 39 | @@ -212,7 +212,13 @@ mpi_powm( MPI res, MPI base, MPI exponen |
| 40 | tp = rp; rp = xp; xp = tp; |
| 41 | rsize = xsize; |
| 42 | |
| 43 | - if( (mpi_limb_signed_t)e < 0 ) { |
| 44 | + /* To mitigate the Yarom/Falkner flush+reload cache |
| 45 | + * side-channel attack on the RSA secret exponent, we do |
| 46 | + * the multiplication regardless of the value of the |
| 47 | + * high-bit of E. But to avoid this performance penalty |
| 48 | + * we do it only if the exponent has been stored in secure |
| 49 | + * memory and we can thus assume it is a secret exponent. */ |
| 50 | + if (esec || (mpi_limb_signed_t)e < 0) { |
| 51 | /*mpihelp_mul( xp, rp, rsize, bp, bsize );*/ |
| 52 | if( bsize < KARATSUBA_THRESHOLD ) { |
| 53 | mpihelp_mul( xp, rp, rsize, bp, bsize ); |
| 54 | @@ -227,6 +233,8 @@ mpi_powm( MPI res, MPI base, MPI exponen |
| 55 | mpihelp_divrem(xp + msize, 0, xp, xsize, mp, msize); |
| 56 | xsize = msize; |
| 57 | } |
| 58 | + } |
| 59 | + if ( (mpi_limb_signed_t)e < 0 ) { |
| 60 | |
| 61 | tp = rp; rp = xp; xp = tp; |
| 62 | rsize = xsize; |