Abstract
It is often considered reasonable to combine first-order Boolean masking and shuffling countermeasures. However, shuffling countermeasures can sometimes be applied only to some rounds to improve performance. Herein, we define combinations of partial shuffling and masking countermeasures as restricted shuffling and masking countermeasures.
Moreover, we propose a novel leakage on restricted shuffling and masking countermeasures that have low attack complexity and a small correlation-reduction factor. Our novel leakage ignores the confusion layer to prevent shuffling from increasing the attack complexity. To reduce the complexity, we can confirm a partial correlation between the diffusion and confusion layer outputs. We identify that our proposal, which exploits this fact offers an overwhelming advantage compared with existing attacks when applied to the PRINCE and SEED block ciphers. Furthermore, we demonstrate the effectiveness of our proposed scheme using both simulated and realistic traces. In simulations, the number of traces required was reduced by up to 95%. When attacking a realistic device, a few traces were enough to recover the correct key, although existing attacks failed to reveal the correct key.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_14
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2
Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 253–270. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_17
Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26
Goubin, L., Patarin, J.: DES and differential power analysis the “Duplication” method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_15
Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006). https://doi.org/10.1007/11767480_16
Kim, H., Cho, Y.I., Choi, D., Han, D.G., Hong, S.: Efficient masked implementation for SEED based on combined masking. ETRI J. 33(2), 267–274 (2011)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007). https://doi.org/10.1007/978-0-387-38162-6
O’Flynn, C., Chen, Z.D.: ChipWhisperer: an open-source platform for hardware embedded security research. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 243–260. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_17
Oswald, E., Mangard, S., Herbst, C., Tillich, S.: Practical second-order DPA attacks for masked smart card implementations of block ciphers. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 192–207. Springer, Heidelberg (2006). https://doi.org/10.1007/11605805_13
Prouff, E., Rivain, M., Bevan, R.: Statistical analysis of second order differential power analysis. IEEE Trans. Comput. 58(6), 799–8141 (2009)
Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 171–188. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_13
Information Technology \(-\) Security Techniques \(-\) Encryption Algorithms \(-\) Part 3: Block Ciphers, ISO/IEC 18033–3:2005 (2005)
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_26
Tillich, S., Herbst, C.: Attacking state-of-the-art software countermeasures—a case study for AES. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 228–243. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_15
Tillich, S., Herbst, C., Mangard, S.: Protecting AES software implementations on 32-bit processors against power analysis. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 141–157. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72738-5_10
Acknowledgements
This work was supported by the Institute for Information and Communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. 20170005200011001, Development of SCR-Friendly Symmetric Key Cryptosystem and Its Application Modes).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Proof of Lemma 2
A Proof of Lemma 2
Proof
First, we prove the equation \(\rho _{WH'}=\rho _{WH}\rho _{HH'}\), which can be derived as in [6].
Before we prove the equation \(\rho _{HH'}=\sqrt{\frac{l}{n}}\), we define \(H_{l}\) as the Hamming weight for l bits out of a total of n bits. Then, by [11], \(E[H_{l}]=\frac{l}{2}\), \(Var[H_{l}]=\frac{l}{4}\), and hence
\(\square \)
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Won, YS., Park, A., Han, DG. (2018). Novel Leakage Against Realistic Masking and Shuffling Countermeasures . In: Kim, H., Kim, DC. (eds) Information Security and Cryptology – ICISC 2017. ICISC 2017. Lecture Notes in Computer Science(), vol 10779. Springer, Cham. https://doi.org/10.1007/978-3-319-78556-1_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-78556-1_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78555-4
Online ISBN: 978-3-319-78556-1
eBook Packages: Computer ScienceComputer Science (R0)