Chosen-IV Correlation Power Analysis on KCipher-2 and a Countermeasure
This paper presents a chosen-IV (Initial Vector) correlation power analysis on the international standard stream cipher KCipher-2 together with an effective countermeasure. First, we describe a power analysis technique which can reveal the secret key (initial key) of KCipher-2 and then evaluate the validity of the CPA with an experiment on an FPGA platform. This paper also proposes a countermeasure based on random masking techniques. The concept of the proposed countermeasure is to mask intermediate data which pass through the non-linear function part including integer addition, substitution functions, and internal registers L1 and L2. We design two types of masked integer adders and two types of masked substitution circuits in order to minimize circuit area and delay. The performance of the proposed method is evaluated through ASIC implementations on a 90-nm CMOS technology. In comparison to the design without a countermeasure, the circuit area and delay of the design with a countermeasure increase at most 1.5 and 2.6 times, respectively. The effectiveness of the countermeasure is also demonstrated through an experiment on the same FPGA platform.
KeywordsClock Cycle Finite State Machine Initial Vector Stream Cipher Power Trace
Unable to display preview. Download preview PDF.
- 1.Side-channel Attack Standard Evaluation BOard(SASEBO-GII), http://www.morita-tech.co.jp/SASEBO/en/board/sasebo-g2.html
- 4.Daemen, J., Rijmen, V.: The Design of Rijndael: AES–the advanced encryption standard. Springer (2002)Google Scholar
- 9.Kiyomoto, S., Tanaka, T., Sakurai, K.: K2: A stream cipher algorithm using dynamic feedback control. In: Proc. SECRYPT, pp. 204–213 (2007)Google Scholar
- 11.Kogge, P., Stone, H.: A parallel algorithm for the efficient solution of a general class of recurrence equations. IEEE Trans. Computers C-22(8), 786–793 (1973)Google Scholar