→ hack.lu CTF Power security tokens

| No TrackBacks
Having trace.pkl file and title with keyword "power" we know thats it's an Power Analysis task. In task said it's an signature generation function, by task name keyword "tokens" we can assume it's RSA.

If we plot some of our data list, we get something like: click to zoom
Can you see impulses?

Main idea of Power analysis is that different instructions have different power consumption patterns.
RSA signature generation:
S = M^d mod N

or

S=1
for i =L-1 downto 0:
    S = S^2 mod N
    if di == 1:
        S = S * M mod N
For every bit of d we've square and if bit = 1 we've multiplication also. So we just check our data for duration patterns:
short+long=1, short=0. Simple, hah?

Sources included.
Thanks to @hellman1908 for error corection!

No TrackBacks

TrackBack URL: http://smokedchicken.org/m/mt-tb.cgi/62

About this Entry

This page contains a single entry by kyprizel published on September 21, 2011 7:38 PM.

Second hack.lu pre-ctf challenge(ECDSA) solution was the previous entry in this blog.

PHD CTF Afterparty is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.