Skip to main content
SpringerLink
Log in

Side-Channel Attacks on SHA-1-Based Product Authentication ICs

  • Conference paper
  • First Online:
Smart Card Research and Advanced Applications (CARDIS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9514))

Abstract

To prevent product counterfeiting, a common practice is to cryptographically authenticate system components (e.g., inkjet cartridges, batteries, or spare parts) using dedicated ICs. In this paper, we analyse the security of two wide-spread examples for such devices, the DS28E01 and DS2432 SHA-1-based authentication ICs manufactured by Maxim Integrated. We show that the 64-bit secret can be fully extracted using non-invasive side-channel analysis with 1,800 and 1,200 traces, respectively. Doing so, we present the, to our knowledge, first gray-box side-channel attack on real-world devices employing an HMAC-like construction. Our results highlight that there is an evident need for protection against implementation attacks also for the case of low-cost devices like product authentication ICs.

D. Oswald—Part of this work was carried out while the author was at the Chair for Embedded Security, Prof. Dr.-Ing. Christof Paar, Ruhr-University Bochum, Germany.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Atmel. ATAES132A 32K AES Serial EEPROM Specification. Datasheet, July 2015. http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf

  2. Belaid, S., Bettale, L., Dottax, E., Genelle, L., Rondepierre, F.: Differential power analysis of HMAC SHA-2 in the hamming weight model. In: SECRYPT 2013, Reykjavik, Iceland. Scitepress, July 2013

    Google Scholar 

  3. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)

    Google Scholar 

  4. Brandt, C.: Hacking iButtons. Presentation at 27C3 (2010). http://cribert.freeforge.net/27c3/ibsec.pdf

  5. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. O’Flynn, C.: ChipWhisperer, July 2015. https://www.assembla.com/spaces/chipwhisperer/wiki

  7. Fouque, P.-A., Leurent, G., Réal, D., Valette, F.: Practical electromagnetic template attack on HMAC. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 66–80. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Hemme, L., Hoffmann, L.: Differential fault analysis on the SHA1 compression function. In: Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography - FDTC 2011, pp. 54–62. IEEE Computer Society, Washington, DC (2011)

    Google Scholar 

  9. Infineon. ORIGA SLE95200. Datasheet, July 2015. http://www.infineon.com/dgdl/ORIGA2_SLE95200_Product_Brief_v1+00.pdf?fileId=db3a30433580b3710135a50170336cd8

  10. Li, R., Li, C., Gong, C.: Differential fault analysis on SHACAL-1. In: Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography - FDTC 2009, pp. 120–126. IEEE Computer Society, Washington, DC (2009)

    Google Scholar 

  11. Maxim integrated. 1-Wire, July 2015. http://www.maximintegrated.com/en/products/comms/one-wire.html

  12. Maxim integrated. DS28E01-100 1 Kb Protected 1-Wire EEPROM with SHA-1 Engine, July 2015. http://www.maximintegrated.com/en/products/digital/memory-products/DS28E01-100.html/tb_tab0

  13. McEvoy, R., Tunstall, M., Murphy, C.C., Marnane, W.P.: Differential power analysis of HMAC based on SHA-2, and countermeasures. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 317–332. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  14. NIST. FIpPS 180–4 Secure Hash Standard (SHS). http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf

  15. Oswald, D.: Implementation attacks.: from theory to practice. Ph.D. thesis, Ruhr-University Bochum, September 2013

    Google Scholar 

  16. Preneel, B., van Oorschot, P.C.: MDx-MAC and building fast MACs from hash functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 1–14. Springer, Heidelberg (1995)

    Google Scholar 

  17. Rivest, R.L.: The invertibility of the XOR of rotations of a binary word. Int. J. Comput. Math. 88(2), 281–284 (2011)

    MathSciNet  MATH  Google Scholar 

  18. Sourceforge. GIAnT (Generic Implementation ANalysis Toolkit), April 2013. https://sf.net/projects/giant/

  19. Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  20. United nations office on drugs and crime. Counterfeit Goods - A Bargain or a Costly Mistake? Fact Sheet (2013). http://www.unodc.org/documents/toc/factsheets/TOC12_fs_counterfeit_EN_HIRES.pdf

Download references

Author information

Authors and Affiliations

  1. The University of Birmingham, Birmingham, UK

    David Oswald

Authors
  1. David Oswald
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to David Oswald .

Editor information

Editors and Affiliations

  1. Tohoku University, Sendai, Japan

    Naofumi Homma

  2. NXP Semiconductors, Gratkorn, Austria

    Marcel Medwed

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Oswald, D. (2016). Side-Channel Attacks on SHA-1-Based Product Authentication ICs. In: Homma, N., Medwed, M. (eds) Smart Card Research and Advanced Applications. CARDIS 2015. Lecture Notes in Computer Science(), vol 9514. Springer, Cham. https://doi.org/10.1007/978-3-319-31271-2_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-31271-2_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31270-5

  • Online ISBN: 978-3-319-31271-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation