Research Artifacts

NISEC supports Open Science with freely available research artifacts including data sets and open source software.

The ACM defines a research artifact as "a digital object that was either created by the authors to be used as part of the study or generated by the experiment itself." Find the most recent version of several of our FOSS projects from our GitLab page. Even better—collaborate with us and submit PRs!

CVE-2020-12399: research data and toolingCVE-2020-12399: NSS timing attack on DSACVE-2020-12402: NSS RSA key generation side-channel attackCVE-2020-12401: NSS timing-attack on ECDSACVE-2020-6829: NSS side-channel attacks on scalar multiplicationECCKiilaECCKAT: co-factor ECC CDHProjective coordinates leakage: research data and toolingCVE-2020-10932: Mbed TLS inversion leakageCVE-2020-12400: NSS inversion leakageCVE-2020-11735: wolfSSL inversion leakageCVE-2019-18222: research data and toolingCVE-2019-18222CVE-2019-1547: research data and toolingCVE-2019-1547OpenSSL Triggerflow CITriggerflowPortSmashCVE-2018-5407SM2 EM tracesCVE-2018-0737libsuolaCVE-2016-7056CVE-2016-2178

CVE-2020-12399: research data and tooling

This dataset and software tools are for reproducing the research results related to CVE-2020-12399. It contains the remote timing data used in Section 4 of the paper, and later in Section 9 for the lattice attack. The measurements were collected over Gbit Ethernet between a client (attacker) and server (victim) connected by a Cisco 9300 series enterprise switch. We released the data to ensure reproducibility and refute doubts on the feasibility of remote timing attacks with lattice-based cryptanalysis.

CVE-2020-12399: NSS timing attack on DSA

In DSA signing, Mozilla’s NSS uses a modular exponentiation function with microarchitecture attack mitigations to protect exponent digits. However, the function leaks leading zero digits, leading to a remote timing attack vulnerability similar to CVE-2011-1945 and Minerva.

Read more about it in Section 4 of the paper, where we steal the private key of a server across a switched network. We also proposed and evaluated the fix for NSS.

CVE-2020-12402: NSS RSA key generation side-channel attack

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed us to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes.

Read more about it in Section 8 of the paper. Mozilla merged our patch to harden both the GCD and modular inversion functions against timing attacks.

CVE-2020-12401: NSS timing-attack on ECDSA

In Mozilla’s NSS, we discovered that nonce padding applied as a countermeasure to CVE-2011-1945 at high level ECDSA signing functions was in fact being removed in lower level scalar multiplication wrappers. This put ECDSA private keys at risk to remote timing attacks. Read more about it in Section 5 of the paper. Mozilla merged our patch eventually, after lower-level mitigations.

CVE-2020-6829: NSS side-channel attacks on scalar multiplication

In ECDSA signing, we discovered that for curves NIST P-384 and NIST P-521, Mozilla’s NSS used a variable-time version of scalar multiplication function previously known to be vulnerable CVE-2018-5407. We leveraged EM side-channels to extract the ECDSA nonce information and recovered the 384-bit ECDSA private key using less than a hundred signatures. Furthermore, by using software controlled side-channels, we exploited the scalar recoding algorithm used in ECDSA point multiplication and retrieved the private key by acquiring only a handful of signatures.

Read more about it in Section 6 and 7 of the paper. Mozilla merged our patches for NIST P-384 and NIST P-521 that are constant-time stacks powered by ECCKiila and fiat-crypto.

ECCKiila

We presented ECCKiila in Set It and Forget It! Turnkey ECC for Instant Integration, that fully automates the implementation, testing, and integration of ECC stacks.

We applied ECCKiila and seamlessly integrated into three real-world projects: OpenSSL, Mozilla’s NSS, and the GOST OpenSSL Engine.

ECCKAT: co-factor ECC CDH

This artifact contains one of the vulnerabilities included in ECCKAT, described in Section 3.4 ("OpenSSL: ECC CDH vulnerability") in the preprint. It demonstrates bypassing Elliptic Curve Co-factor Diffie Hellman (ECC CDH) security in an OpenSSL beta release, which should fail to derive a shared key if a peer point is not a multiple of the generator. We developed the fix for OpenSSL in PR 6535.

Projective coordinates leakage: research data and tooling

This dataset and software tool are for reproducing the research results related to CVE-2020-10932, CVE-2020-12400 and CVE-2020-11735, resulting from our paper.

The data was used to carry out the projective coordinates attack against Libgcrypt in Section 6 of the article.

CVE-2020-10932: Mbed TLS inversion leakage

While converting ECC points from projective to affine coordinates, Mbed TLS failed to use a constant-time modular inversion function. This potentially put private keys at risk. Read more about it in our paper.

CVE-2020-12400: NSS inversion leakage

While converting ECC points from projective to affine coordinates, NSS failed to use a constant-time modular inversion function. This potentially put private keys of P-384 and P-521 at risk. Read more about it in our paper.

CVE-2020-11735: wolfSSL inversion leakage

While converting ECC points from projective to affine coordinates, wolfSSL failed to use a constant-time modular inversion function. This potentially put private keys at risk. Read more about it in our paper.

CVE-2019-18222: research data and tooling

This dataset relates to CVE-2019-18222 and contains the per-signature post-processed ECDSA nonce candidates. It also contains tooling that, after factoring a candidate, will enumerate the ECC keys to test for the correct nonce. The dataset and tooling were used to produce some of the Mbed TLS results in the paper and released to ensure reproducibility.

CVE-2019-18222

We discovered a side-channel vulnerability in the Mbed TLS implementation of a side-channel countermeasure. For ECDSA signatures, Mbed TLS uses multiplicative blinding of the nonce, but fails to reduce the product. Obtaining a trace of the subsequent inversion, attackers can factor the product and enumerate ECC keys.

Read more in the Mbed TLS Security Advisory and our paper.

CVE-2019-1547: research data and tooling

This dataset relates to CVE-2019-1547, used to produce Figure 4 in the paper and is part of the remote timing attack data (Section 4.1). The included software tools help validate the data as well as show how to parse the JSON.

CVE-2019-1547

We introduced the concept of Certified Side Channels where many cryptography libraries make various runtime decisions when parsing private keys that leads to side channel vulnerabilities later when using the keys.

We discovered vulnerabilities in DSA, RSA, and EC key parsing, and submitted several PRs to the OpenSSL project to address these issues ( 9587 9727 9779 9797 9808 9821 10122 10140 10196 10209 10232 ). Find more information in the OpenSSL Security Advisory.

OpenSSL Triggerflow CI

Continuous Integration system for OpenSSL, watching for known execution paths vulnerable to side channel attacks. Powered by Triggerflow.

Triggerflow

Execution path tracking tool. Originally developed for dynamic analysis of software for side-channel vulnerabilities, it is a development tool automating the debugger to allow contextual inspection of breakpoints, with false positive considerations to facilitate automated regression testing.

We also submitted two security-related PRs based on the results: 8253 and 8254 are now merged in OpenSSL.

PortSmash

This proof-of-concept artifact demonstrates PortSmash in action against a vulnerable OpenSSL version performing non-constant-time scalar multiplications.

We backported the security fix to OpenSSL in 7593, now merged.

CVE-2018-5407

We discovered PortSmash, a novel microarchitecture side-channel attack technique exploiting port contention in architectures featuring Simultaneous Multi-Threading (SMT).

We applied PortSmash to steal the private key (elliptic curve P-384) of an OpenSSL-linked TLS server. Find more information in our oss-security post.

SM2 EM traces

This dataset contains Electromagnetic (EM) side-channel traces of elliptic curve point multiplication during SM2 decryption in OpenSSL. The traces were used for Test Vector Leakage Assessment (TVLA) of SM2 decryption.

We also submitted several security patches to OpenSSL: 6009 6066 6501 6521. The TVLA results showed significant improvement after they were merged.

CVE-2018-0737

We discovered several code paths in OpenSSL’s RSA key generation implementation leaking algorithm state. We exploited a code path performing co-primality tests using the variable-time greatest common divisor (GCD) algorithm. A side-channel cache-timing attack allowed us to recover RSA private keys after a single cache-timing trace.

Find more information in our oss-security post and watch the video!

libsuola

An ENGINE gluing together OpenSSL and NaCl-derived crypto. This project aims at developing an OpenSSL engine rigging cryptosystem implementations derived from NaCl into OpenSSL.

It supports different back-end providers, including implementations from alternative third party libraries like libsodium, formally verified implementations like the ones provided by the HACL* project or statically embedding an alternative implementation inside the ENGINE.

libsuola is meant to demonstrate a framework that can be used to bridge the gap between novel scientific results and real world applications.

CVE-2016-7056

We discovered a vulnerability in OpenSSL’s ECDSA signing implementation, affecting the 1.0.1 branch. The weakness is due to variable-time modular inversion, even when featuring P-256 constant-time scalar multiplication.

Exploiting this vulnerability, we performed a side-channel cache-timing attack that allowed us to recover private keys from OpenSSL-linked TLS and SSH servers after a small number of attacker-initiated connections.

Find more information in our oss-security post.

CVE-2016-2178

We discovered a bug in OpenSSL’s DSA implementation that prevents the DSA signing algorithm from running in constant time even with appropriate flags set. This bug went unnoticed since 2005.

Exploiting this bug, we performed a side-channel cache-timing attack against two protocols that rely on OpenSSL: SSH and TLS.

For SSH (linked to OpenSSL) we recovered a 1024/160-bit DSA key, and for TLS (linked to OpenSSL) we recovered a 2048/256-bit DSA key, both after a small number of attacker-initiated connections. Find more information in an oss-security post.