Skip to main content
SpringerLink
Log in
Book cover

International Conference on Smart Card Research and Advanced Applications

CARDIS 2014: Smart Card Research and Advanced Applications pp 215–232Cite as

Bounded, yet Sufficient? How to Determine Whether Limited Side Channel Information Enables Key Recovery

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8968))

Abstract

This work presents a novel algorithm to quantify the relation between three factors that characterize a side channel adversary: the amount of observed side channel leakage, the workload of full key recovery, and its achievable success rate. The proposed algorithm can be used by security evaluators to derive a realistic bound on the capabilities of a side channel adversary. Furthermore, it provides an optimal strategy for combining subkey guesses to achieve any predefined success rate. Hence, it can be used by a side channel adversary to determine whether observed leakage suffices for key recovery before expending computation time. The algorithm is applied to a series of side channel measurements of a microcontroller AES implementation and simulations. A comparison to related work shows that the new algorithm improves on existing algorithms in several respects.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    The cases are considered separately if incrementing or decrementing is impossible, i.e. \(e_j =1\) or \( e_j =256\) for Eqs. (5), (6) and (7).

References

  1. Dpa contest (versions 1 and 2). http://www.dpacontest.org/home/

  2. Chari, S., Rao, J., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems - CHES 2002. Lecture Notes in Computer Science, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)

    Google Scholar 

  3. Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 459–476. Springer, Heidelberg (2014)

    Google Scholar 

  4. Faust, S., Pietrzak, K., Schipper, J.: Practical leakage-resilient symmetric cryptography. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 213–232. Springer, Heidelberg (2012)

    Google Scholar 

  5. Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 15–29. Springer, Heidelberg (2006)

    Google Scholar 

  6. Kocher, P.C.: Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  7. Kocher, P.C.: Leak-resistant cryptographic indexed key update (US patent 6539092) (2003)

    Google Scholar 

  8. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  9. Macé, F., Standaert, F.-X., Quisquater, J.-J.: Information theoretic evaluation of side-channel resistant logic styles. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 427–442. Springer, Heidelberg (2007)

    Google Scholar 

  10. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smartcards. Springer-Verlag, New York (2007)

    Google Scholar 

  11. Medwed, M., Standaert, F.-X., Joux, A.: Towards super-exponential side-channel security with efficient leakage-resilient PRFs. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 193–212. Springer, Heidelberg (2012)

    Google Scholar 

  12. Moradi, A., Kasper, M., Paar, C.: Black-box side-channel attacks highlight the importance of countermeasures. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 1–18. Springer, Heidelberg (2012)

    Google Scholar 

  13. Pliam, J.: The disparity between work and entropy in cryptology. Cryptology ePrint Archive, report 1998/024 (1998). http://eprint.iacr.org/

  14. Pliam, J.O.: On the incomparability of entropy and marginal guesswork in brute-force attacks. In: Roy, B., Okamoto, E. (eds.) INDOCRYPT 2000. LNCS, vol. 1977, pp. 67–79. Springer, Heidelberg (2000)

    Google Scholar 

  15. Poettering, B.: Rijndael Furious. Implementation. http://point-at-infinity.org/avraes/

  16. Regazzoni, F., Badel, S., Eisenbarth, T., Großschädl, J., Poschmann, A., Deniz, Z.T., Macchetti, M., Pozzi, L., Paar, C., Leblebici, Y., Ienne, P.: A simulation-based methodology for evaluating the DPA-resistance of cryptographic functional units with application to CMOS and MCML technologies. In: International Symposium on Systems, Architectures, Modeling and Simulation (SAMOS VII) (2007)

    Google Scholar 

  17. Rivain, M.: On the exact success rate of side channel analysis in the Gaussian model. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 165–183. Springer, Heidelberg (2009)

    Google Scholar 

  18. Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)

    Google Scholar 

  19. Standaert, F.-X., Pereira, O., Yu, Y., Quisquater, J.-J., Yung, M., Oswald, E.: Leakage resilient cryptography in practice. In: Sadeghi, A.-R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security. Information Security and Cryptography, pp. 99–134. Springer, Berlin Heidelberg (2010)

    Google Scholar 

  20. Thillard, A., Prouff, E., Roche, T.: Success through confidence: evaluating the effectiveness of a side-channel attack. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 21–36. Springer, Heidelberg (2013)

    Google Scholar 

  21. Tiri, K., Akmal, M., Verbauwhede, I.: A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards. In: Proceedings of the 28th European Solid-State Circuits Conference, 2002. ESSCIRC 2002, pp. 403–406 (September 2002)

    Google Scholar 

  22. Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 390–406. Springer, Heidelberg (2013)

    Google Scholar 

  23. Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 126–141. Springer, Heidelberg (2013)

    Google Scholar 

Download references

Acknowledgments

This material is based upon work supported by the National Science Foundation under Grant No. #1261399 and Grant No. #1314770. We would like to thank François-Xavier Standaert for the helpful discussion. We would also like to thank the anonymous reviewers for their helpful comments.

Author information

Authors and Affiliations

  1. Worcester Polytechnic Institute, Worcester, MA, 01609, USA

    Xin Ye, Thomas Eisenbarth & William Martin

Authors
  1. Xin Ye
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thomas Eisenbarth
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. William Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xin Ye .

Editor information

Editors and Affiliations

  1. Technicolor, Los Altos, California, USA

    Marc Joye

  2. Ruhr University, Bochum, Nordrhein-Westfalen, Germany

    Amir Moradi

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Ye, X., Eisenbarth, T., Martin, W. (2015). Bounded, yet Sufficient? How to Determine Whether Limited Side Channel Information Enables Key Recovery. In: Joye, M., Moradi, A. (eds) Smart Card Research and Advanced Applications. CARDIS 2014. Lecture Notes in Computer Science(), vol 8968. Springer, Cham. https://doi.org/10.1007/978-3-319-16763-3_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-16763-3_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-16762-6

  • Online ISBN: 978-3-319-16763-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation