An improved side channel attack using event information of subtraction
Introduction
Authentication between devices and users is essential in any secure environment. A leak of secret material during the authentication process therefore means that the security of the target system is completely broken. In homeland-security settings in particular, the access control module must reliably reject unauthorised persons.
Digital signatures are widely used in authentication modules. At the implementation level, most developers regard the cryptographic algorithm behind a digital signature as simply secure. Even if the algorithm itself is secure, however, the security of a device that uses it cannot be guaranteed, because of physical leakage. One class of attack that exploits such leakage is the side channel attack (SCA) (Kocher, 1996). Side channel attacks are a comparatively new topic in modern cryptography, with their own notion of physically provable security (Pietrzak). Since Kocher et al. proposed SCA, many studies have advanced this research area. They can be divided into two categories.
The first category comprises studies of countermeasures against attack techniques (Akkar and Giraud, 2001, Itoh et al., 2002, Mangard et al., 2007, Moradi and Mischke, 2012). Whenever attack techniques have been published, suitable countermeasures against them have been proposed. The results of this kind of study serve as criteria for evaluating the security of cryptographic devices used by public institutions, and they include arguments for theoretical security guarantees. Countermeasures exist not only in software but also in the hardware layers, where they block any attempt at attack (Mangard et al., 2007); simple hardware solutions based on noise insertion are one example.
The second category comprises studies of improved attack techniques. In general, these studies address the creation of new distinguishers. What separates this kind of study from purely theoretical cryptanalysis is that it must take the mathematical complexity of the analysis into account. The adversary needs a criterion for distinguishing a correct key from an incorrect one; these distinguishers are derived from a power consumption model.
Many attack techniques depend on such distinguishers, and many practical and theoretical techniques have been proposed, namely: DPA (differential power analysis) (Kocher et al., 1999); CPA (correlation power analysis) (Brier et al., 2004); template attacks (Chari et al., 2003); improved DPA (Agrawal et al., 2003); and, more recently, MIA (mutual information analysis) (Oswald and Rohatgi, 2008) and algebraic power analysis (Oren et al., 2012).
A further category of enhanced-attack studies develops new analysis methods, for example a multi-round power analysis that breaks countermeasures applied to a block cipher (Zhou and Yung, 2010), or specialised techniques against the many implementation methods of public key algorithms such as RSA (Rivest et al., 1978) and ECC (Koblitz). This category includes Boer et al.'s (2002) attack on the reduction step of RSA-CRT, MRED; Novak's (2002) attack on the recombination step; and Amiel et al.'s (2007) study. MRED in particular has been the subject of several follow-up studies, such as (Park et al., 2011), that address analysis methods and the interpretation of ghost key patterns.
This paper proposes an extension of this enhanced side channel attack method against a public key algorithm. We use the fact that an unusual power signal occurs as the result of a characteristic event in the subtraction operation of a reduction algorithm. The method is called SAED (subtraction algorithm analysis on equidistant data); its idea is similar to MRED, but the underlying principle is entirely different. It does not use a Hamming weight-based power signal; instead it exploits, through probabilistic analysis, the fact that an event in the arithmetic itself produces power information. To demonstrate the efficacy of the attack we adopt a new power signal model, the event-based power model. According to our results, SAED dramatically reduces the number of traces required to recover the sensitive information of RSA-CRT.
Section snippets
Overview: MRED
Boer et al. (2002) introduced a brilliant power analysis of RSA-CRT. The target of this method is the initial reduction step $x_p = x \bmod p$ of RSA-CRT. It uses
With this property, an adversary can guess the value of r directly, even though p is secret in the algorithm. The adversary feeds the equidistant messages {x, x−1, x−2, …} in sequence to acquire power signals following the pattern of Eq. (1). He thereby collects traces whose intermediate outputs are {r, r−1, r−2, …}. In the analysis of the least significant
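The MRED principle described above, as an added, constructed simulation rather than the authors' code or data: a reduction r = x mod p is fed the equidistant inputs x, x−1, x−2, …, the intermediate values r, r−1, r−2, … are checked to be equidistant until the first wrap-around, and the least significant byte of r is recovered by a 256-candidate CPA under a Hamming-weight model. The modulus P, the input X, the leakage model (Hamming weight of the least significant byte of r plus Gaussian noise), the trace count T and the noise level are assumptions chosen for illustration; the least significant byte of r is set to 135 only to mirror the r0 setting quoted for Fig. 4.

```python
"""
Constructed simulation of MRED (Boer et al., 2002) on the reduction r = x mod p.
Not the paper's code: modulus, input, leakage model and noise are assumptions.
"""
import random

P = (1 << 63) + 0x1D3B                # secret modulus (assumption: 64-bit, odd)
R0 = 0x7FADB4C912345687               # chosen so that R0 < P and R0 & 0xFF == 135
X = 5 * P + R0                        # attacker-chosen first input, r_0 = X mod P = R0
T = 2048                              # number of equidistant traces (assumption)
NOISE_SIGMA = 1.0                     # noise on the Hamming-weight leakage (assumption)


def hamming_weight(v):
    return bin(v).count("1")


def reduction_outputs(x, p, t):
    """r_i = (x - i) mod p for i = 0 .. t-1: what the target computes per trace."""
    return [(x - i) % p for i in range(t)]


def first_wrap_index(x, p, t):
    """Smallest i at which r_i != r_0 - i (the reduction wrapped past zero), or None.
    Because r_i == r_0 - i exactly while i <= r_0, the wrap occurs at i = r_0 + 1,
    so the index at which the equidistant pattern breaks reveals r_0 itself."""
    r0 = x % p
    for i in range(t):
        if (x - i) % p != r0 - i:
            return i
    return None


def equidistant_pattern_holds(x, p, t):
    """Boer et al.'s property: r_i == r_0 - i for every i <= r_0."""
    r = reduction_outputs(x, p, t)
    return all(r[i] == r[0] - i for i in range(t) if i <= r[0])


def simulate_traces(x, p, t, sigma, seed=1):
    """Leakage model (assumption): HW of the least significant byte of r_i plus noise."""
    rng = random.Random(seed)
    return [hamming_weight(r & 0xFF) + rng.gauss(0.0, sigma)
            for r in reduction_outputs(x, p, t)]


def pearson(a, b):
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((u - ma) * (v - mb) for u, v in zip(a, b))
    va = sum((u - ma) ** 2 for u in a)
    vb = sum((v - mb) ** 2 for v in b)
    return cov / (va * vb) ** 0.5 if va and vb else 0.0


def mred_lsb_cpa(traces):
    """CPA over the 256 candidates c for the LSB of r_0.
    Under MRED the LSB of r_i is (c - i) mod 256, so the prediction for trace i
    needs no knowledge of p; the returned list holds one correlation per candidate."""
    t = len(traces)
    return [pearson([hamming_weight((c - i) & 0xFF) for i in range(t)], traces)
            for c in range(256)]


def recover_lsb(traces):
    scores = mred_lsb_cpa(traces)
    return max(range(256), key=lambda c: scores[c])


if __name__ == "__main__":
    print("pattern holds for all", T, "traces:", equidistant_pattern_holds(X, P, T))
    print("wrap on a small r_0 = 3 (x = P + 3):", first_wrap_index(P + 3, P, 8))
    traces = simulate_traces(X, P, T, NOISE_SIGMA)
    scores = mred_lsb_cpa(traces)
    best = recover_lsb(traces)
    print("recovered LSB:", best, "true LSB:", R0 & 0xFF)
    print("best corr %.3f, ghost at c^0x80: %.3f" % (scores[best], scores[best ^ 0x80]))
```

The candidate c ^ 0x80 is the strongest ghost peak in this model, because subtracting 128 only flips bit 7 of the byte and the two predictions differ by one bit per trace; the correct candidate still wins clearly with the trace count and noise level assumed here.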
Difference between SAED and MRED
Algorithm 2 describes the attack on RSA-CRT using CPA with SAED. It differs from Algorithm 1 in that the Hamming weight power model is dropped; see Step 1.1. This is because SAED does not depend on the data of r. Our method assumes that the power signal is strongly influenced by the change in the algorithm's behaviour caused by the equidistant inputs. We explain how the secret value can be recovered under a non-Hamming weight assumption. Algorithm 1 MRED(v-th byte) INPUT: s1,…,st t equidistant power
Experimental environments
Table 4 shows the environment of our experiment. We implemented an 8-bit multi-precision reduction algorithm on two software boards, an MSP430 and an ARM7-based chip board. The input messages are equidistant, and a reduced-size (32-byte) RSA-CRT is used so that the experiment is efficient.
SAED results and interpretation
Fig. 4 shows the maximum correlation coefficient of each of the 256 LSB key candidates within the subtraction period of the reduction algorithm. The settings of r0 and c0 are the same as in Section 4.3: r0=135, c0=120. Fig. 4
Conclusion
This paper proposed a new power analysis of RSA-CRT, that is, a power analysis of a digital signature built on the widely used RSA public key system. It is therefore meaningful research for any secure environment, and especially for homeland security.
In particular, it described an event-occurrence power model and a probabilistic architecture for CPA, and showed the success of the attack both theoretically and experimentally. SAED does not depend on the Hamming weight model as does SPA. However, we make a
Acknowledgments
This research was funded by the MSIP (Ministry of Science, ICT & Future Planning), Korea, in the ICT R&D Program 2013.
References (24)
- Agrawal D, Rao JR, Rohatgi P. Multi-channel attacks. CHES 2003, LNCS 2779. Springer-Verlag; 2003. p. …
- Akkar M-L, Giraud C. An implementation of DES and AES, secure against some attacks. CHES 2001, LNCS 2162; 2001.
- Amiel F, et al. Power analysis for secret recovering and reverse engineering of public key algorithms. SAC 2007; 2007.
- Boer B den, et al. A DPA attack against the modular reduction within a CRT implementation of RSA. CHES 2002; 2002.
- Brier E, et al. Correlation power analysis with a leakage model. CHES 2004, LNCS 3156; 2004.
- Brier E, Joye M. Weierstrass elliptic curves and side channel attacks. PKC 2002 (Naccache D, Paillier P, eds.), LNCS 2274; 2002.
- Chari S, et al. Template attacks. CHES 2002, LNCS; 2003.
- Koblitz N. Elliptic curve cryptosystems. Mathematics of Computation; …
- Kocher PC. Timing attacks on implementations of Diffie-Hellman, RSA, DSS and other systems. Advances in Cryptology, CRYPTO 96; 1996.
- Kocher P, et al. Differential power analysis. CRYPTO 1999, LNCS 1666; 1999.
- Mangard S, Oswald E, Popp T. Power analysis attacks: revealing the secrets of smart cards. Springer; 2007.