Skip to main content
SpringerLink
Log in
Book cover

European Workshop on Security in Ad-hoc and Sensor Networks

ESAS 2005: Security and Privacy in Ad-hoc and Sensor Networks pp 205–217Cite as

Side Channel Attacks on Message Authentication Codes

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3813))

Abstract

Side channel attacks are a serious menace to embedded devices with cryptographic applications which are utilized in sensor and ad hoc networks. In this paper we show that side channel attacks can be applied to message authentication codes, even if the countermeasure is applied to the underlying block cipher. In particular, we show that EMAC, OMAC, and PMAC are vulnerable to our attack. Based on simple power analysis, we show that several key bits can be extracted, and based on differential power analysis, we present selective forgery against these MACs. Our results suggest that protecting block ciphers against side channel attacks is not sufficient, and countermeasures are needed for MACs as well.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M., Kilian, J., Rogaway, P.: The Security of the Cipher Block Chaining Message Authentication Code. JCSS 61(3), 362–399 (2000); Earlier version In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341–358. Springer, Heidelberg (1994)

    Google Scholar 

  2. Berendschot, A., den Boer, B., Boly, J.P., Bosselaers, A., Brandt, J., Chaum, D., Damgård, I., Dichtl, M., Fumy, W., van der Ham, M., Jansen, C.J.A., Landrock, P., Preneel, B., Roelofsen, G., de Rooij, P., Vandewalle, J. (eds.): Final Report of RACE Integrity Primitives. LNCS, vol. 1007. Springer, Heidelberg (1995)

    Google Scholar 

  3. Black, J., Rogaway, P.: A Block-Cipher Mode of Operation for Parallelizable Message Authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  4. Black, J., Urtubia, H.: Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption. In: Proc. of 11th USENIX security symposium, pp. 327–338 (2002)

    Google Scholar 

  5. Canvel, B., Hiltgen, A., Vaudenay, S., Vaugnoux, M.: Password Interception in a SSL/TLS Channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  6. Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Berlin (2002)

    MATH  Google Scholar 

  7. FIPS 113, Computer data authentication. Federal Information Processing Standards Publication 113, U.S. Department of Commerce / National Bureau of Standards, National Technical Information Service, Springfield, Virginia (1994)

    Google Scholar 

  8. IEEE 802.16 Task Group e (Mobile WirelessMAN), http://wirelessman.org/tge/

  9. ISO/IEC 9797-1, Information technology — security techniques — data integrity mechanism using a cryptographic check function employing a block cipher algorithm. In: Organization for Standards, 2nd edn., Geneva, Switzerland (1999)

    Google Scholar 

  10. Iwata, T., Kurosawa, K.: OMAC: One-Key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Klima, V., Rosa, T.: Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format. IACR ePrint Archive 2003/098 (2003)

    Google Scholar 

  12. Kocher, C.: Timing attacks on Implementations of Diffie-Hellman, RSA, DSS, and other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  13. Kocher, C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  14. Messerges, T.: Securing the AES Finalists against Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  15. Messerges, T.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  16. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Trans. Computers 51(5), 541–552 (2002)

    Article  MathSciNet  Google Scholar 

  17. Möller, B.: Security of CBC Ciphersuites in SSL/TLS: Problems and Countermeasures (2004), Available at http://www.openssl.org/~bodo/tls-cbc.txt

  18. Dworkin, M.: Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication (2005), http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf

  19. Paterson, K.G., Yau, A.: Padding Oracle Attacks on the ISO CBC Mode Encryption Standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 305–323. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  20. Vaudenay, S.: Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Hitachi, Ltd., Systems Development Laboratory, 1099, Ohzenji, Asao-ku, Kawasaki, 215-0013, Japan

    Katsuyuki Okeya

  2. Dept. of Computer and Information Sciences, Ibaraki University, 4–12–1 Nakanarusawa, Hitachi, Ibaraki, 316-8511, Japan

    Tetsu Iwata

Authors
  1. Katsuyuki Okeya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tetsu Iwata
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut Eurecom, 2229 Route des Cretes, 06904, Sophia-Antipolis, France

    Refik Molva

  2. Computer Science Department, University of California, Irvine,  

    Gene Tsudik

  3. NEC Europe Ltd.,,  

    Dirk Westhoff

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Okeya, K., Iwata, T. (2005). Side Channel Attacks on Message Authentication Codes. In: Molva, R., Tsudik, G., Westhoff, D. (eds) Security and Privacy in Ad-hoc and Sensor Networks. ESAS 2005. Lecture Notes in Computer Science, vol 3813. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11601494_17

Download citation

  • DOI: https://doi.org/10.1007/11601494_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30912-3

  • Online ISBN: 978-3-540-31615-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation