Abstract
Enumeration of cryptographic keys in order of likelihood based on side-channel leakages has a significant importance in cryptanalysis. The best optimal-order key enumeration algorithms have a huge space complexity of \(\varOmega (n^{d/2})\) when there are d subkeys and n candidate values per subkey. In this paper, we present a parallelizable algorithm that enumerates the keys in near-optimal order but enjoys a much better space complexity of \(O(d^2w+dn)\) for a design parameter w which can be tuned to available RAM.
Before presenting our algorithm, we provide lower and upper bounds on the guessing entropy of the full key in terms of the easy-to-compute guessing entropies of the individual subkeys. We use these results to quantify the near-optimality of our algorithm’s ranking, and to bound its guessing entropy. Finally, we evaluate our algorithm through extensive simulations, to show the advantages of our new algorithm in practice, on realistic SCA scenarios. We show that our algorithm continues its near-optimal-order enumeration far beyond the rank at which the optimal algorithm fails due to insufficient memory.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side—channel(s). In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Berlin (2003). doi:10.1007/3-540-36400-5_4
Anonymous: Anonymous (2015)
Bernstein, D.J., Lange, T., van Vredendaal, C.: Tighter, faster, simpler side-channel security evaluations beyond computing power. Cryptology ePrint Archive, Report 2015/221 (2015). http://eprint.iacr.org/
Bogdanov, A., Kizhvatov, I., Manzoor, K., Tischhauser, E., Witteman, M.: Fast and memory-efficient key recovery in side-channel attacks. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 310–327. Springer, Cham (2016). doi:10.1007/978-3-319-31301-6_19
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Berlin (2004). doi:10.1007/978-3-540-28632-5_2
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Berlin (2003). doi:10.1007/3-540-36400-5_3
David, L., Wool, A.: A bounded-space near-optimal key enumeration algorithm for multi-dimensional side-channel attacks. Cryptology ePrint Archive, Report 2015/1236 (2015). http://eprint.iacr.org/2015/1236
Dichtl, M.: A new method of black box power analysis and a fast algorithm for optimal key search. J. Crypt. Eng. 1(4), 255–264 (2011)
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Berlin (2001). doi:10.1007/3-540-44709-1_21
Glowacz, C., Grosso, V., Poussier, R., Schüth, J., Standaert, F.-X.: Simpler and more efficient rank estimation for side-channel security assessment. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 117–129. Springer, Berlin (2015). doi:10.1007/978-3-662-48116-5_6
Junod, P., Vaudenay, S.: Optimal key ranking procedures in a statistical cryptanalysis. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 235–246. Springer, Berlin (2003). doi:10.1007/978-3-540-39887-5_18
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Berlin (1999). doi:10.1007/3-540-48405-1_25
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Berlin (1996). doi:10.1007/3-540-68697-5_9
Martin, D.P., O’Connell, J.F., Oswald, E., Stam, M.: Counting keys in parallel after a side channel attack. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 313–337. Springer, Berlin (2015). doi:10.1007/978-3-662-48800-3_13
Meier, W., Staffelbach, O.: Analysis of pseudo random sequences generated by cellular automata. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 186–199. Springer, Berlin (1991). doi:10.1007/3-540-46416-6_17
Oren, Y., Weisse, O., Wool, A.: A new framework for constraint-based probabilistic template side channel attacks. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 17–34. Springer, Berlin (2014). doi:10.1007/978-3-662-44709-3_2
Pan, J., Woudenberg, J.G.J., Hartog, J.I., Witteman, M.F.: Improving DPA by peak distribution analysis. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 241–261. Springer, Berlin (2011). doi:10.1007/978-3-642-19574-7_17
Poussier, R., Grosso, V., Standaert, F.-X.: Comparing approaches to rank estimation for side-channel security evaluations. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 125–142. Springer, Cham (2016). doi:10.1007/978-3-319-31271-2_8
Poussier, R., Standaert, F.-X., Grosso, V.: Simple key enumeration (and rank estimation) using histograms: an integrated approach. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 61–81. Springer, Berlin (2016). doi:10.1007/978-3-662-53140-2_4
Quisquater, J.-J., Samyde, D.: ElectroMagnetic analysis (EMA): measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Berlin (2001). doi:10.1007/3-540-45418-7_17
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Berlin (2009). doi:10.1007/978-3-642-01001-9_26
Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 390–406. Springer, Berlin (2013). doi:10.1007/978-3-642-35999-6_25
Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 126–141. Springer, Berlin (2013). doi:10.1007/978-3-642-38348-9_8
Ye, X., Eisenbarth, T., Martin, W.: Bounded, yet sufficient? how to determine whether limited side channel information enables key recovery. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 215–232. Springer, Cham (2015). doi:10.1007/978-3-319-16763-3_13
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
David, L., Wool, A. (2017). A Bounded-Space Near-Optimal Key Enumeration Algorithm for Multi-subkey Side-Channel Attacks. In: Handschuh, H. (eds) Topics in Cryptology – CT-RSA 2017. CT-RSA 2017. Lecture Notes in Computer Science(), vol 10159. Springer, Cham. https://doi.org/10.1007/978-3-319-52153-4_18
Download citation
DOI: https://doi.org/10.1007/978-3-319-52153-4_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-52152-7
Online ISBN: 978-3-319-52153-4
eBook Packages: Computer ScienceComputer Science (R0)