DOI: 10.1145/2897845.2897868

Leakage Fingerprints: A Non-negligible Vulnerability in Side-Channel Analysis

Published: 30 May 2016

Abstract

Low-entropy masking schemes and the shuffling technique are two common countermeasures against traditional side-channel analysis. Improved Rotating S-box Masking (RSM) combines both countermeasures and was implemented by the DPA contest committee to raise the software security level of AES-128. Compared with the original version, improved RSM mainly introduces the offset array and the shuffle array as its security foundations to counteract the existing attacks. In this paper, we first point out a general vulnerability referred to as "leakage fingerprints" and make use of it to recover the offset array with 100% accuracy, which breaks down the masking countermeasure in the first step. We then show that recovering the shuffle array is still feasible but not necessary, since several other vulnerabilities at the implementation level can be exploited to bypass the shuffle countermeasure directly. By selectively combining all these vulnerabilities, a dozen attacks can be put forward, and we perform two of them as examples to verify their effectiveness. Official evaluation results show that both attacks submitted by us are practical and feasible, and also operate with high efficiency. In terms of the two major performance metrics, our best scheme requires 4 traces to reveal the AES master key with 80% Global Success Rate (GSR), and only 2 traces are enough to reduce the Maximum Partial Guessing Entropy (PGE) below 10.


Published In

ASIA CCS '16: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security
May 2016, 958 pages
ISBN: 9781450342339
DOI: 10.1145/2897845
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. DPA contest v4.2
  2. Euclidean distance
  3. leakage fingerprints
  4. low entropy masking schemes
  5. shuffling
  6. side-channel analysis

Qualifiers

  • Research-article

Acceptance Rates

ASIA CCS '16 Paper Acceptance Rate 73 of 350 submissions, 21%;
Overall Acceptance Rate 418 of 2,322 submissions, 18%

Article Metrics

  • Total Citations: 0
  • Total Downloads: 196
  • Downloads (last 12 months): 9
  • Downloads (last 6 weeks): 3

Reflects downloads up to 20 Feb 2025
