
Bricklayer Attack: A Side-Channel Analysis on the ChaCha Quarter Round

  • Conference paper
  • Published in: Progress in Cryptology – INDOCRYPT 2017 (INDOCRYPT 2017)

Abstract

ChaCha is a family of stream ciphers that is very efficient on constrained platforms. In this paper, we present electromagnetic side-channel analyses of two software implementations of ChaCha20 on a 32-bit architecture: one compiled from a high-level source and one written directly in assembly. On the device under test, practical experiments show that the two implementations have different levels of resistance to side-channel attacks. For the more leakage-resilient implementation, an analysis of the whole quarter round is required. To make this tractable, we introduce an optimized attack based on a divide-and-conquer strategy, which we call the bricklayer attack.
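The quarter round that the abstract targets, together with the kind of first-order attack that a leakage-resilient implementation is meant to frustrate, as an added worked example written for this page (it is not the authors' code, and it is not a reconstruction of the bricklayer attack itself, which the page does not detail). It implements the ChaCha quarter round of RFC 8439, simulates Hamming-weight leakage of the first key- and input-dependent intermediate of a column quarter round QR(a, b, c, d), where a is a fixed constant, b a key word and d a known input word (block counter or nonce word, depending on the column), and recovers b with a byte-wise correlation analysis. The leakage model, noise level, trace count, the random choice of input words and the key value are all assumptions of the example.

```python
"""Constructed example: Hamming-weight CPA against one ChaCha column quarter round.

Simulation written for this page, not the paper's bricklayer attack and not
code from the authors. It models the leakage of the first input- and
key-dependent intermediate of QR(a, b, c, d) with a = constant, b = key word,
d = known input word, and recovers b one byte at a time.
"""
import math
import random

MASK32 = 0xFFFFFFFF
CONST0 = 0x61707865          # "expa", first word of "expand 32-byte k" (state[0])
HW8 = [bin(i).count("1") for i in range(256)]


def rotl32(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def quarter_round(a, b, c, d):
    """The ChaCha quarter round (RFC 8439, section 2.1)."""
    a = (a + b) & MASK32; d = rotl32(d ^ a, 16)
    c = (c + d) & MASK32; b = rotl32(b ^ c, 12)
    a = (a + b) & MASK32; d = rotl32(d ^ a, 8)
    c = (c + d) & MASK32; b = rotl32(b ^ c, 7)
    return a, b, c, d


def hw32(x):
    return HW8[x & 0xFF] + HW8[(x >> 8) & 0xFF] + HW8[(x >> 16) & 0xFF] + HW8[x >> 24]


def leak(key_word, d_in, rng, sigma):
    """One simulated trace sample: Hamming weight of d ^ (a + b) plus Gaussian noise.

    a + b = constant + key is identical in every trace, so it leaks nothing that
    can be correlated with a guess; the XOR with the varying input d is the first
    exploitable point. Rotation preserves Hamming weight, so under this model it
    makes no difference whether the value leaks before or after d <<<= 16.
    """
    t = ((CONST0 + key_word) & MASK32) ^ d_in
    return hw32(t) + rng.gauss(0.0, sigma)


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / math.sqrt(sxx * syy) if sxx and syy else 0.0


def cpa_recover_key_word(d_inputs, traces):
    """Recover X = (CONST0 + k) mod 2^32 byte by byte, then k = X - CONST0.

    XOR acts on each byte independently, so every byte of X is searched with
    256 hypotheses against the full 32-bit word leakage; the other three bytes
    of the word behave as algorithmic noise, which is why more traces are
    needed than for an 8-bit target.
    """
    x = 0
    for i in range(4):
        nb = [(d >> (8 * i)) & 0xFF for d in d_inputs]
        scores = []
        for g in range(256):
            hyp = [HW8[g ^ v] for v in nb]
            scores.append(pearson(hyp, traces))
        best = max(range(256), key=scores.__getitem__)
        x |= best << (8 * i)
    return (x - CONST0) & MASK32


def simulate_and_recover(key_word, n_traces=2000, sigma=0.5, seed=1):
    """Generate n_traces simulated measurements with known inputs and run the CPA."""
    rng = random.Random(seed)
    d_inputs = [rng.getrandbits(32) for _ in range(n_traces)]   # constructed, known inputs
    traces = [leak(key_word, d, rng, sigma) for d in d_inputs]
    return cpa_recover_key_word(d_inputs, traces)


if __name__ == "__main__":
    k = 0x9B8D6F43  # assumed key word for the demonstration
    print("true key word:     ", hex(k))
    print("recovered key word:", hex(simulate_and_recover(k)))
```

Running the module prints the true and the recovered key word. The point of the first step is that the addition of a constant to the key word cannot be attacked on its own; the attacker has to wait for the XOR with a value that changes from trace to trace. An implementation that does not expose that intermediate cleanly forces the analysis deeper into the quarter round, where carries of the subsequent additions couple the bytes together and a simple byte-wise split of the guess no longer applies directly; that is the situation in which the abstract says the whole quarter round has to be analysed.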



Author information

Correspondence to Alexandre Adomnicai, Jacques J. A. Fournier or Laurent Masson.


Copyright information

© 2017 Springer International Publishing AG

About this paper


Cite this paper

Adomnicai, A., Fournier, J.J.A., Masson, L. (2017). Bricklayer Attack: A Side-Channel Analysis on the ChaCha Quarter Round. In: Patra, A., Smart, N. (eds) Progress in Cryptology – INDOCRYPT 2017. INDOCRYPT 2017. Lecture Notes in Computer Science(), vol 10698. Springer, Cham. https://doi.org/10.1007/978-3-319-71667-1_4


  • DOI: https://doi.org/10.1007/978-3-319-71667-1_4
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-71666-4
  • Online ISBN: 978-3-319-71667-1
  • eBook Packages: Computer Science (R0)
