Description
@tomato42 and I have tested OpenSSL on the PowerPC architecture and we found that it may be vulnerable to a variant of the Minerva attack. We used statistical analysis to confirm the presence of side channels but we did not perform the Minerva attack against the implementation.
In the test scenario, we measure the time of signing of random messages using the `EVP_DigestSign` API (`Init`, `Update`, and `Final`) and then use the private key to extract the K value (nonce) from the signatures. Then based on the bit size of the extracted nonce we compare the signing time of full-sized nonces to signatures that used smaller nonces using statistical tests.
In our initial test, we found a side-channel in the P-364 curve. The P-256 and P-521 curves are, most likely, safe. In these results we can see a clear leak: there is a dependency between the bit size of K and the size of the side channel.
For the non-deterministic path of the code:
Results for P-256. Skilling-Mack test p-value: 1.676327e-01. The sample tested has 583,024,459 observations.
Results for P-384. Skilling-Mack test p-value: 1.802425e-74. The sample tested has 615,444,376 observations.
Results for P-521. Skilling-Mack test p-value: 8.632069e-01. The sample tested has 485,866,172 observations.
For the deterministic path of the code:
Results for P-256. Skilling-Mack test p-value: 7.604963e-02. The sample tested has 388,704,249 observations.
Results for P-384. Skilling-Mack test p-value: 1.201069e-15. The sample tested has 323,911,655 observations.
Results for P-521. Skilling-Mack test p-value: 4.801629e-01. The sample tested has 550,642,703 observations.
Also see second leak in #24253 (comment)