
Defeating Embedded Cryptographic Protocols by Combining Second-Order with Brute Force

Conference paper. In: Smart Card Research and Advanced Applications (CARDIS 2016).

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10146)

Abstract

Side-channel analysis is a well-known and efficient hardware technique to recover embedded secrets in microprocessors. Countermeasures relying on random masking have been proven to be sound protections against such threats and are usually added to protect sensitive intermediate data during the execution of the algorithm. However, second-order side-channel analysis has proven to allow secret key recovery in the presence of random masking. In [4] an attack was introduced which exploits the information exchange at the cryptographic protocol level in order to disclose the secret key of the ISO/IEC 9797-1 MAC algorithm 3 using DES operations. The countermeasure suggested there was to apply a mask at the protocol level in order to protect all secret data. This paper extends the previously published attack idea to second-order attacks on masked implementations of the ISO/IEC 9797-1 MAC algorithm 3 and shows that securing against such attacks must be done with care.
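The abstract's central point, that a random Boolean mask removes first-order leakage but not second-order leakage, can be checked in a small simulation. The following Python script is an added example, not code from the paper or its authors. It assumes an 8-bit intermediate value v protected by Boolean masking, i.e. the device handles the two shares m and v ⊕ m, and it assumes the leakage model of note 2 below: each share leaks its Hamming weight plus Gaussian noise whose unit is one bit of Hamming weight. All traces are constructed by the script itself. The combining function is the centered product of the two share leakages, the combination analysed in [14]; the shape of the two-step attack on the MAC protocol itself is not reproduced here.

```python
"""Added example: why a first-order Boolean mask needs a second-order check.

Constructed simulation (no real traces): each of the two shares of an 8-bit
secret leaks its Hamming weight plus Gaussian noise, as in note 2 of the page.
"""
import random
from statistics import mean, pstdev


def hamming_weight(x: int) -> int:
    """Number of set bits, the assumed leakage of a handled byte."""
    return bin(x).count("1")


def pearson(xs, ys):
    """Pearson correlation coefficient between two equal-length samples."""
    mx, my = mean(xs), mean(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / len(xs)
    return cov / (pstdev(xs) * pstdev(ys))


def simulate_masked_leakage(n_traces: int, sigma: float, seed: int = 1):
    """Construct n_traces leakage samples of a Boolean-masked byte.

    For each trace a fresh secret byte s and a fresh random mask m are drawn
    (in the protocol attack s would be the hypothesised intermediate; here it is
    simply known, which is enough to measure how much each statistic leaks).
    The device is assumed to handle the shares m and s ^ m, each leaking its
    Hamming weight plus N(0, sigma) noise.
    """
    rng = random.Random(seed)
    secrets, leak_mask, leak_masked = [], [], []
    for _ in range(n_traces):
        s = rng.randrange(256)
        m = rng.randrange(256)
        share = s ^ m                      # the masked intermediate value
        secrets.append(s)
        leak_mask.append(hamming_weight(m) + rng.gauss(0.0, sigma))
        leak_masked.append(hamming_weight(share) + rng.gauss(0.0, sigma))
    return secrets, leak_mask, leak_masked


def first_order_correlation(secrets, leak_masked):
    """Correlation of the masked share's leakage with HW(s).

    With a uniform mask this is ~0: the masked value alone carries no
    first-order information about s, which is what the mask is for.
    """
    return pearson([hamming_weight(s) for s in secrets], leak_masked)


def second_order_correlation(secrets, leak_mask, leak_masked):
    """Correlation of the centered product of both share leakages with HW(s).

    Combining the two shares' leakages re-creates a statistic that depends on
    s: for an n-bit value E[(HW(m) - n/2)(HW(s^m) - n/2)] = (n - 2 HW(s)) / 4,
    so the correlation is clearly negative even though each share on its own
    is first-order secure.
    """
    c_mask, c_masked = mean(leak_mask), mean(leak_masked)
    combined = [(a - c_mask) * (b - c_masked)
                for a, b in zip(leak_mask, leak_masked)]
    return pearson([hamming_weight(s) for s in secrets], combined)


if __name__ == "__main__":
    secrets, lm, ls = simulate_masked_leakage(n_traces=20000, sigma=1.0)
    print("first-order  corr:", round(first_order_correlation(secrets, ls), 3))
    print("second-order corr:", round(second_order_correlation(secrets, lm, ls), 3))
```

Run as a script, the first-order correlation stays within noise of zero while the second-order correlation is around -0.2 at one unit of noise; a leakage assessment of a masked MAC implementation therefore has to include such a combined statistic, not only a first-order test, before the masking can be considered a sufficient countermeasure.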


Notes

  1. \(\oplus \) represents the bitwise exclusive OR operation.

  2. Regarding the standard deviation of the noise, a unit corresponds to the side-channel difference related to a one-bit difference in the Hamming weight.

References

  1. Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001). doi:10.1007/3-540-44709-1_26

  2. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). doi:10.1007/978-3-540-28632-5_2

  3. Doget, J., Prouff, E., Rivain, M., Standaert, F.-X.: Univariate side channel attacks and leakage modeling. IACR Cryptology ePrint Archive, 2011:302 (2011)

  4. Feix, B., Thiebeauld, H.: Defeating ISO9797-1 MAC Algo 3 by Combining Side-Channel and Brute Force Techniques. Cryptology ePrint Archive, Report 2014/702 (2014)

  5. Federal Information Processing Standards Publication (FIPS). Data Encryption Standard - DES, FIPS PUB 46-3 (1999)

  6. Fournier, R.: Implementation et Evaluation des Attaques par Brute-Force et par Analyse de Canaux Auxiliaires sur des Algorithmes Cryptographiques l’Aide de Processeurs Graphiques. Internship, Limoges University (2015)

  7. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). doi:10.1007/978-3-540-85053-3_27

  8. ISO/IEC. Information technology - Security techniques - Message Authentication Codes (MACs). ISO/IEC Standards (1999)

  9. Joye, M., Paillier, P., Schoenmakers, B.: On second-order differential power analysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 293–308. Springer, Heidelberg (2005). doi:10.1007/11545262_22

  10. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). doi:10.1007/3-540-68697-5_9

  11. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). doi:10.1007/3-540-48405-1_25

  12. Kumar, S., Paar, C., Pelzl, J., Pfeiffer, G., Schimmler, M.: Breaking ciphers with COPACOBANA – a cost-optimized parallel code breaker. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 101–118. Springer, Heidelberg (2006). doi:10.1007/11894063_9

  13. Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000). doi:10.1007/3-540-44499-8_19

  14. Prouff, E., Rivain, M., Bevan, R.: Statistical analysis of second order differential power analysis. IEEE Trans. Comput. 58(6), 799–811 (2009)

  15. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)

  16. Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005). doi:10.1007/11545262_3

  17. Waddle, J., Wagner, D.: Towards efficient second-order power analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004). doi:10.1007/978-3-540-28632-5_1


Acknowledgements

The authors would like to thank Loic Thierry for the fruitful discussions we had on this subject in the past.

Author information

Corresponding author: Benoit Feix.

Copyright information

© 2017 Springer International Publishing AG

Cite this paper

Feix, B., Ricart, A., Timon, B., Tordella, L. (2017). Defeating Embedded Cryptographic Protocols by Combining Second-Order with Brute Force. In: Lemke-Rust, K., Tunstall, M. (eds) Smart Card Research and Advanced Applications. CARDIS 2016. Lecture Notes in Computer Science, vol 10146. Springer, Cham. https://doi.org/10.1007/978-3-319-54669-8_2


  • DOI: https://doi.org/10.1007/978-3-319-54669-8_2


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-54668-1

  • Online ISBN: 978-3-319-54669-8
