[Cryptography] Use of RDRAND in Haskell's TLS RNG?

[Bill Cox]

I just realized that I have not described a "power droop" attack in enough
detail.  I make the following assumption:

- The Intel DRNG shares a power rail with some on-chip power hungry device

Assuming this is the case, you have to cause the power rails to drop
rapidly.  For example, if a multiplier is nearby the TRNG, doing
multiplications should work.  If it is near a cache block, repeated
read/writes to that block should work.

The timing has to be such that the attack is faster than DRNG's feedback
response time.  The resistance in the power mesh is likely enough to make
the attack independent of the time constant from the outside supply pins to
the internal power mesh.

All you need is a few millivolts of power droop to control this device in
my simulations, based on guessed W/Ls and Vth mismatch.  For the time it
takes for the feedback to compensate for slightly lower power rails, the
DRNG will output a string of either 1's or 0's, depending on the Vth
mismatches.

At some point, it begins to correct for the change in power supply
voltage.  At this point, you have to turn off the source of power drain
(for example, multiplier or cache access loop).  The power rails then
recover faster than the feedback loop in the DRNG, and the output will be
the opposite of what it was before: either a string of 0's or 1's.

Attacks like this can be defended against with careful design.  I have no
way to know if this happened or not.

Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161128/59120478/attachment.html>