Abstract
It is widely accepted that the security of cryptosystems should depend only on the security of their secret keys. However, for various reasons, secret ciphers with unknown components are still used in commercial applications. Existing reverse engineering analyses were developed for specific ciphers and cannot cope with secret algorithms of different structures. By examining the common characteristics of secret ciphers implemented with unknown S-boxes, we propose a novel reverse engineering analysis approach referred to as Signed Reverse Engineering based on Differential Power Analysis (SREDPA). It is a generic reverse engineering analysis and can recover the parameters of the secret S-boxes of block ciphers in typical structures such as SPN, Feistel, and XFeistel (eXtended Feistel). By identifying the bias of the differential power analysis (DPA) traces, we build the theoretical model of SREDPA and prove its effectiveness. Experiments on secret algorithms with different structures further validate SREDPA. The complexity of SREDPA depends only on the size of the S-boxes, and the reverse engineering analysis is efficient. As the theoretical analysis and the experiments show, the SREDPA approach can readily be extended to analyze other secret ciphers with unknown S-boxes. This poses a new challenge for the design and implementation of secret ciphers.
Cite this article
Tang, M., Qiu, Z., Peng, H. et al. Toward reverse engineering on secret S-boxes in block ciphers. Sci. China Inf. Sci. 57, 1–18 (2014). https://doi.org/10.1007/s11432-013-5053-9
DOI: https://doi.org/10.1007/s11432-013-5053-9