Torturing OpenSSL

Explore a comprehensive analysis of hardware vulnerabilities in secure computing systems through this Black Hat USA 2012 conference talk. Delve into a detailed end-to-end security attack on a microprocessor system, demonstrating how hardware weaknesses can be exploited to compromise software-secure systems. Learn about a side-channel attack on the RSA signature algorithm using transient hardware faults induced through various methods. Discover the process of extracting private RSA keys from erroneously signed messages affected by single-bit faults during Fixed Window Exponentiation. Examine the attack implementation using an FPGA platform with a SPARC-based microprocessor running unmodified Linux and OpenSSL. Understand the implications of this attack, which requires only proximity to the victim system and leaves no detectable trail. Witness a live demonstration of the attack on an FPGA platform using a simplified 128-bit private key system.

Introduction
Cryptography is everywhere
Consumer devices
RSA Authentication
How does it work
Authentication
Attacks
Faults
Theory
Hardware
Openssl Authentication
Private Key Instruction
Simple Case
Fault Injection
Final Result
Last Attempt
Analysis
Conclusions
Takehome message