Abstract
Side channel attacks are a serious menace to embedded devices with cryptographic applications which are utilized in sensor and ad hoc networks. In this paper we show that side channel attacks can be applied to message authentication codes, even if the countermeasure is applied to the underlying block cipher. In particular, we show that EMAC, OMAC, and PMAC are vulnerable to our attack. Based on simple power analysis, we show that several key bits can be extracted, and based on differential power analysis, we present selective forgery against these MACs. Our results suggest that protecting block ciphers against side channel attacks is not sufficient, and countermeasures are needed for MACs as well.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bellare, M., Kilian, J., Rogaway, P.: The Security of the Cipher Block Chaining Message Authentication Code. JCSS 61(3), 362–399 (2000); Earlier version In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341–358. Springer, Heidelberg (1994)
Berendschot, A., den Boer, B., Boly, J.P., Bosselaers, A., Brandt, J., Chaum, D., Damgård, I., Dichtl, M., Fumy, W., van der Ham, M., Jansen, C.J.A., Landrock, P., Preneel, B., Roelofsen, G., de Rooij, P., Vandewalle, J. (eds.): Final Report of RACE Integrity Primitives. LNCS, vol. 1007. Springer, Heidelberg (1995)
Black, J., Rogaway, P.: A Block-Cipher Mode of Operation for Parallelizable Message Authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002)
Black, J., Urtubia, H.: Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption. In: Proc. of 11th USENIX security symposium, pp. 327–338 (2002)
Canvel, B., Hiltgen, A., Vaudenay, S., Vaugnoux, M.: Password Interception in a SSL/TLS Channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)
Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Berlin (2002)
FIPS 113, Computer data authentication. Federal Information Processing Standards Publication 113, U.S. Department of Commerce / National Bureau of Standards, National Technical Information Service, Springfield, Virginia (1994)
IEEE 802.16 Task Group e (Mobile WirelessMAN), http://wirelessman.org/tge/
ISO/IEC 9797-1, Information technology — security techniques — data integrity mechanism using a cryptographic check function employing a block cipher algorithm. In: Organization for Standards, 2nd edn., Geneva, Switzerland (1999)
Iwata, T., Kurosawa, K.: OMAC: One-Key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)
Klima, V., Rosa, T.: Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format. IACR ePrint Archive 2003/098 (2003)
Kocher, C.: Timing attacks on Implementations of Diffie-Hellman, RSA, DSS, and other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Messerges, T.: Securing the AES Finalists against Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)
Messerges, T.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Trans. Computers 51(5), 541–552 (2002)
Möller, B.: Security of CBC Ciphersuites in SSL/TLS: Problems and Countermeasures (2004), Available at http://www.openssl.org/~bodo/tls-cbc.txt
Dworkin, M.: Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication (2005), http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
Paterson, K.G., Yau, A.: Padding Oracle Attacks on the ISO CBC Mode Encryption Standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 305–323. Springer, Heidelberg (2004)
Vaudenay, S.: Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Okeya, K., Iwata, T. (2005). Side Channel Attacks on Message Authentication Codes. In: Molva, R., Tsudik, G., Westhoff, D. (eds) Security and Privacy in Ad-hoc and Sensor Networks. ESAS 2005. Lecture Notes in Computer Science, vol 3813. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11601494_17
Download citation
DOI: https://doi.org/10.1007/11601494_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30912-3
Online ISBN: 978-3-540-31615-2
eBook Packages: Computer ScienceComputer Science (R0)