Abstract
In this paper, we present improvements of the algebraic side-channel analysis of the Advanced Encryption Standard (AES) proposed in the works of M. Renauld and F.-X. Standaert. In particular, we optimize the algebraic representation of both the AES block cipher and the obtained side-channel information, in the form of Hamming weights of intermediate states, in order to speed up the attack and increase its success rate. We study the performance of our improved attack in both known and unknown plaintext/ciphertext attack scenarios. Our experiments indicate that in both cases the amount of required side-channel information is less than that required by the attacks introduced earlier. Furthermore, we introduce a method for handling erroneous side-channel information, which allows our improved algebraic side-channel attack (IASCA) to partially escape the assumption of an error-free environment and thus become applicable in practice. We demonstrate the practical use of our IASCA by feeding in predictions from a single-trace template attack.
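The abstract speaks of side-channel information "in the form of Hamming weights of intermediate states" and of tolerating erroneous Hamming-weight predictions. The following Python script is an added illustration, not code from the paper or from the IASCA project: it builds the AES S-box from the GF(2^8) inverse and affine map, computes the Hamming weights (HWs) of the two byte-wise round-1 intermediates (AddRoundKey output and SubBytes output) for a constructed plaintext/key byte, and counts how many key-byte values remain consistent with an observed HW pair, optionally allowing each HW to be off by a tolerance to model prediction errors. The paper's representation uses many more intermediate states per round; the restriction to these two states, and the tolerance model, are simplifications chosen for this example.

```python
from itertools import product

AES_POLY = 0x1B  # x^8 + x^4 + x^3 + x + 1, low byte of the AES reduction polynomial


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) modulo the AES polynomial."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= AES_POLY
        b >>= 1
    return p


def gf_inv(x: int) -> int:
    """Multiplicative inverse in GF(2^8) computed as x^254; 0 maps to 0 as in AES."""
    result, base, exp = 1, x, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result if x else 0


def _rotl8(b: int, n: int) -> int:
    return ((b << n) | (b >> (8 - n))) & 0xFF


def aes_sbox(x: int) -> int:
    """AES SubBytes: inverse in GF(2^8) followed by the affine transformation."""
    inv = gf_inv(x)
    return inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2) ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63


SBOX = [aes_sbox(x) for x in range(256)]


def hw(x: int) -> int:
    """Hamming weight of a byte (the leakage model used in the paper)."""
    return bin(x).count("1")


def round1_byte_leakage(pt_byte: int, key_byte: int) -> tuple:
    """HWs of the two round-1 intermediates for one byte position:
    the AddRoundKey output and the SubBytes output (a subset of the
    intermediate states the paper's representation covers)."""
    ark = pt_byte ^ key_byte
    return (hw(ark), hw(SBOX[ark]))


def key_candidates(pt_byte: int, observed: tuple, tol: int = 0) -> list:
    """Key-byte values whose leakage matches the observed HW pair.
    `tol` allows each observed HW to be off by up to `tol`, a simple
    model (an assumption of this example) for erroneous HW predictions."""
    cands = []
    for k in range(256):
        a, s = round1_byte_leakage(pt_byte, k)
        if abs(a - observed[0]) <= tol and abs(s - observed[1]) <= tol:
            cands.append(k)
    return cands


def round1_state_leakage(pt: bytes, key: bytes) -> list:
    """The 32 HW values (2 per byte) leaked by round 1 for a 16-byte state."""
    assert len(pt) == 16 and len(key) == 16
    out = []
    for p, k in zip(pt, key):
        out.extend(round1_byte_leakage(p, k))
    return out


def mean_candidates(tol: int = 0) -> float:
    """Average number of key-byte candidates left by one HW pair, over all
    (plaintext byte, key byte) combinations. Because the candidate set depends
    only on the AddRoundKey output, averaging over its 256 values suffices."""
    pairs = [(hw(a), hw(SBOX[a])) for a in range(256)]
    total = 0
    for a0, s0 in pairs:
        total += sum(1 for a1, s1 in pairs
                     if abs(a0 - a1) <= tol and abs(s0 - s1) <= tol)
    return total / 256


if __name__ == "__main__":
    # Constructed sample input (not from the paper): plaintext byte 0x00, key byte 0x01.
    obs = round1_byte_leakage(0x00, 0x01)
    print("observed HW pair:", obs)
    print("exact-match candidates:", key_candidates(0x00, obs))
    print("candidates with tolerance 1:", key_candidates(0x00, obs, tol=1))
    for t in range(3):
        print(f"mean candidates per key byte at tolerance {t}: {mean_candidates(t):.2f}")
```

Running the script shows why a SAT-based formulation is needed: one error-free HW pair already narrows a key byte to a handful of values, but a tolerance large enough to absorb prediction errors lets many more candidates through, and it is the conjunction of constraints across all bytes and rounds in the CNF that pins the key down.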
Notes
Available at http://www.ecrypt.eu.org/tools/ascatocnf.
Available at https://sourceforge.net/projects/iasca.
Note that this example was chosen as one of the less accurate predictions of the template attack.
Oren et al. use 100 HWs per round instead of 84 since they additionally use 16 HWs of the key used in a round.
This scenario is about equal to the performance using \(T=95\,\%\) in Table 9.
Note that we approximate the distribution, which may yield imprecise results.
Since we only have 100 realizations of the distribution we used each solving time as a threshold. This is, however, not a precise method since it does not include interpolation between the solving times.
References
Renauld, M., Standaert, F.X., Charvillon, N.V.: Algebraic side-channel attacks on the AES: why time also matters in DPA. In: Gaj, C. (ed.) CHES 2009, ser. LNCS, vol. 5747, pp. 97–111 (2009)
Renauld, M., Standaert, F.-X.: Algebraic side-channel attacks. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt, ser. LNCS, vol. 6151, pp. 393–410 (2009)
Oren, Y., Kirschbaum, M., Popp, T., Wool, A.: Algebraic side-channel analysis in the presence of errors. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010, ser. LNCS, vol. 6225, pp. 428–442. Springer (2010)
Oren, Y., Wool, A.: Tolerant algebraic side-channel analysis of AES. Cryptology ePrint Archive, Report 2012/092. http://eprint.iacr.org/ (2012)
Zhao, X., Zhang, F., Guo, S., Wang, T., Shi, Z., Liu, H., Ji, K.: MDASCA: an enhanced algebraic side-channel attack for error tolerance and new leakage model exploitation. In: Schindler, W., Huss, S. (eds.) COSADE, ser. LNCS, vol. 7275, pp. 231–248 (2012)
Zhao, X., Wang, T., Guo, S., Zhang, F., Shi, Z., Liu, H., Wu, K.: SAT based error tolerant algebraic side-channel attacks. In: Conference on cryptographic algorithms and cryptographic chips (CASC 2011) (2011)
Oren, Y., Renauld, M., Standaert, F.-X., Wool, A.: Algebraic side-channel attacks beyond the Hamming weight leakage model. In: Prouff, E., Schaumont, P. (eds.) CHES 2012, ser. LNCS, vol. 7428, pp. 140–154 (2012)
Mohamed, M.S.E., Bulygin, S., Zohner, M., Heuser, A., Walter, M., Buchmann, J.: Improved algebraic side-channel attack on AES. In: Gaj, C. (ed.) IEEE international symposium on hardware-oriented security and trust (HOST), pp. 146–151 (2012)
NIST: Advanced encryption standard (AES) (FIPS PUB 197). National Institute of Standards and Technology (2001)
Murphy, S., Robshaw, M., Cid, C.: Algebraic aspects of the advanced encryption standard. Springer (2006)
Fraenkel, A., Yesha, Y.: Complexity of problems in games, graphs and algebraic equations. Discret. Appl. Math. 1(2), 15–30 (1979)
Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: MEGA 2005, eighth international symposium on effective methods in algebraic geometry (2005)
Biere, A., Heule, M., van Maaren, H., Walsh, T. (eds.) Handbook of satisfiability. IOS Press (2009)
Soos, M.: Grain of salt—an automated way to test stream ciphers through SAT solvers. Tech. Rep. (Online). http://www.msoos.org/grain-of-salt
Bard, G., Courtois, N., Nakahara, J. Jr., Sepehrdad, P., Zhang, B.: Algebraic, AIDA/cube and side channel analysis of KATAN family of block ciphers. In: Gong, G., Gupta, K. (eds.) IndoCrypt 2010, ser. LNCS, vol. 6498, pp. 176–196. Springer (2010)
Bulygin, S., Buchmann, J.: Algebraic cryptanalysis of the round-reduced and side channel analysis of the full PRINTCipher-48. In: Lin, D., Tsudik, G., Wang, X. (eds.) CANS 2011, ser. LNCS, vol. 7092, pp. 54–75. Springer (2011)
Soos, M.: Cryptominisat 2.5.0. In: SAT race competitive event booklet (2010)
Bard, G.: Algebraic cryptanalysis. Springer (2009)
Davis, M., Logemann, G., Loveland, D.: A machine program for theorem-proving. Commun. ACM 5(7), 394–397 (1962)
Davis, M., Putnam, H.: A computing procedure for quantification theory. J. ACM 7(3), 201–215 (1960)
Cid, C., Weinmann, R.P.: Block ciphers: algebraic cryptanalysis and Gröbner bases. In: Sala, M., Mora, T., Perret, L., Sakata, S., Traverso, C. (eds.) Gröbner bases, coding, and cryptography, pp. 307–328. Springer (2009)
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S. Jr., Koç, Ç.K., Paar, C. (eds.) CHES 2002, ser. LNCS, vol. 2523, pp. 13–28 (2002)
Aabid, M., Guilley, S., Hoogvorst, P.: Template attacks with a power model. Cryptology ePrint Archive, Report 2007/443. http://eprint.iacr.org/ (2007)
Heuser, A., Zohner, M.: Intelligent machine homicide—breaking cryptographic devices using support vector machines. In: Schindler, W., Huss, S. (eds.) COSADE, ser. LNCS, vol. 7275, pp. 249–264 (2012)
Medwed, M., Standaert, F.-X., Großschädl, J., Regazzoni, F.: Fresh re-keying: security against side-channel and fault attacks for low-cost devices. In: AFRICACRYPT, pp. 279–296 (2010)
Karnaugh, M.: The map method for synthesis of combinational logic circuits. Trans. Am. Inst. Electr. Eng. (part I) 72(9), 593–599 (1953)
Brickenstein, M.: Boolean Gröbner bases—theory, algorithms and applications. Logos, Berlin (2010)
Carlet, C., Goyet, C., Faugère, J.-C., Renault, G.: Analysis of the algebraic side channel attack. J. Cryptogr. Eng., 1–18 (2012)
Mangard, S., Oswald, E., Popp, T.: Power analysis attacks—revealing the secrets of smart cards. Springer (2007)
Acknowledgments
The work presented in this contribution was supported by the German Federal Ministry of Education and Research (BMBF) in the project RESIST through grant number 01IS10027A. The second author was supported by the German Science Foundation (DFG) grant BU 630/22-1. The third author was supported by the German Federal Ministry of Education and Research (BMBF) within EC SPRIDE. We would like to thank Mathieu Renauld for his useful comments on this paper and for his valuable suggestions. We thank Mate Soos for assisting with using CryptoMiniSat.
Cite this article
Mohamed, M.S.E., Bulygin, S., Zohner, M. et al. Improved algebraic side-channel attack on AES. J Cryptogr Eng 3, 139–156 (2013). https://doi.org/10.1007/s13389-013-0059-1
DOI: https://doi.org/10.1007/s13389-013-0059-1