
Combining Leakage-Resilient PRFs and Shuffling

Towards Bounded Security for Small Embedded Devices

  • Conference paper
  • Smart Card Research and Advanced Applications (CARDIS 2014)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8968)

Abstract

Combining countermeasures is usually assumed to be the best way to protect embedded devices against side-channel attacks. Such combinations are at least expected to increase the number of measurements required for a successful attack to some reasonable extent, and at best to guarantee a bounded time complexity independent of the number of measurements. This latter guarantee, only possible in the context of leakage-resilient constructions, has so far been reached only for stateful (pseudo-random generator) constructions or for large parallel implementations. In this paper, we describe a first proposal of a stateless (pseudo-random function) construction, for which we have strong hints that security-bounded implementations are reachable under the constraints of small embedded devices. Our proposal essentially combines the well-known shuffling countermeasure with a tweaked pseudo-random function introduced at CHES 2012. We first detail its performance. Then we analyze it against standard differential power analysis and discuss the different parameters influencing its security bounds. Finally, we put forward that its implementation on 8-bit microcontrollers can provide a better security vs. performance tradeoff than state-of-the-art (combinations of) countermeasures.


Notes

  1. In short, because these (stateless) PRF constructions can only bound the adversary’s data complexity, by contrast with (stateful) leakage-resilient pseudo-random number generators (PRGs) that bound the adversary’s number of measurements.

References

  1. Abdalla, M., Belaïd, S., Fouque, P.-A.: Leakage-resilient symmetric encryption via re-keying. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 471–488. Springer, Heidelberg (2013)
  2. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)
  3. Coron, J.-S., Kizhvatov, I.: Analysis and improvement of the random delay countermeasure of CHES 2009. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 95–109. Springer, Heidelberg (2010)
  4. Dodis, Y., Pietrzak, K.: Leakage-resilient pseudorandom functions and side-channel attacks on Feistel networks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 21–40. Springer, Heidelberg (2010)
  5. Durvaux, F., Renauld, M., Standaert, F.-X., van Oldeneel tot Oldenzeel, L., Veyrat-Charvillon, N.: Efficient removal of random delays from embedded software implementations using hidden Markov models. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 123–140. Springer, Heidelberg (2013)
  6. Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: FOCS, pp. 293–302. IEEE Computer Society (2008)
  7. Gérard, B., Standaert, F.-X.: Unified and optimized linear collision attacks and their application in a non-profiled setting: extended version. J. Cryptographic Eng. 3(1), 45–58 (2013)
  8. Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions (extended abstract). In: FOCS, pp. 464–479. IEEE Computer Society (1984)
  9. Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006)
  10. Kerckhof, S., Standaert, F.-X., Peeters, E.: From new technologies to new solutions: exploiting FRAM memories to enhance physical security. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 16–30. Springer, Heidelberg (2014)
  11. Kocher, P.C.: Leak resistant cryptographic indexed key update. US Patent 6539092
  12. Mangard, S.: Hardware countermeasures against DPA – a statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222–235. Springer, Heidelberg (2004)
  13. Mangard, S., Oswald, E., Standaert, F.-X.: One for all – all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100–110 (2011)
  14. Mangard, S., Standaert, F.-X. (eds.): CHES 2010. LNCS, vol. 6225. Springer, Heidelberg (2010)
  15. Medwed, M., Standaert, F.-X., Joux, A.: Towards super-exponential side-channel security with efficient leakage-resilient PRFs. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 193–212. Springer, Heidelberg (2012)
  16. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 413–427. Springer, Heidelberg (2010)
  17. Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 171–188. Springer, Heidelberg (2009)
  18. Standaert, F.-X., Pereira, O., Yu, Y., Quisquater, J.-J., Yung, M., Oswald, E.: Leakage resilient cryptography in practice. In: Sadeghi, A.-R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security, Information Security and Cryptography, pp. 99–134. Springer, Heidelberg (2010)
  19. Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 126–141. Springer, Heidelberg (2013)
  20. Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012)
  21. Yu, Y., Standaert, F.-X.: Practical leakage-resilient pseudorandom objects with minimum public randomness. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 223–238. Springer, Heidelberg (2013)


Acknowledgements

F.-X. Standaert is a research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). This work has been funded in part by the European Commission through the ERC project 280141 (CRASH).

Author information

Corresponding author: Vincent Grosso.

A Additional Figures

Fig. 12. Template attacks with uniform prior and indirect resource-based leakages, in the high noise scenario (i.e. \(\sigma _n^2=10\)). Left: \(\rho _r=0.75\). Right: \(\rho _r=0.99\).

Fig. 13. Template attacks with uniform prior and indirect time+resource-based leakages (\(\rho _r=0.75\)), in the high noise scenario (i.e. \(\sigma _n^2=10\)). Left: \(\rho _t=0.99\). Right: \(\rho _t=0.75\).


Copyright information

© 2015 Springer International Publishing Switzerland

Cite this paper

Grosso, V., Poussier, R., Standaert, F.-X., Gaspar, L. (2015). Combining Leakage-Resilient PRFs and Shuffling. In: Joye, M., Moradi, A. (eds) Smart Card Research and Advanced Applications. CARDIS 2014. Lecture Notes in Computer Science, vol 8968. Springer, Cham. https://doi.org/10.1007/978-3-319-16763-3_8

  • DOI: https://doi.org/10.1007/978-3-319-16763-3_8
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-16762-6
  • Online ISBN: 978-3-319-16763-3
  • eBook Packages: Computer Science (R0)
