Fixing the CLOC with Fine-grain Leakage Analysis

Published: 15 January 2018

Abstract

Authenticated ciphers offer the promise of improved security for resource-constrained devices. Recent cryptographic contests and standardization efforts are evaluating authenticated ciphers for performance and security, including resistance to Differential Power Analysis (DPA). In this research, we study the CLOC-AES authenticated cipher in terms of its vulnerability to DPA and the cost of implementing countermeasures against DPA. Using the FOBOS test architecture, we first show that an FPGA implementation of CLOC is vulnerable to DPA through the Test Vector Leakage Assessment methodology (i.e., t-tests). After applying DPA countermeasures, we show that the protected CLOC implementations pass t-tests, except for discrete leakage corresponding to a data-dependent branch condition in the CLOC specification. Using an enhanced tool called FOBOS Profiler, we analyze the source of the t-test failure down to the exact clock cycle and device state, to confirm the source of leakage. We introduce a new protected non-linear transformation into the datapath, remove all data-dependent decision criteria from the device controller, and verify that the updated protected implementations pass t-tests. We show that including the protected non-linear transformation leads to a 3.8-factor growth in area, a 48 percent reduction in throughput, and an 86 percent reduction in throughput-to-area ratio, compared to the unprotected implementation. Our analysis shows the high cost of DPA-protected non-linear transformations in authenticated ciphers above the cryptographic primitive layer.
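As an added illustration of the leakage assessment the abstract describes (this is not the paper's own FOBOS code): a fixed-vs-random Welch t-test computed per sample point over constructed power traces, where one clock cycle carries a constant bias in the fixed set to stand in for a data-dependent branch condition. The trace generator, the 4.5 threshold and the sample index 37 are assumptions made for the example; the point it shows is that such a branch fails the t-test at exactly one clock cycle, which is what a profiler then has to localize.

```python
import math
import random

# Welch's t-test per sample point (TVLA, fixed-vs-random), as used to assess
# DPA leakage. Traces are constructed, not measured: Gaussian noise plus, in
# the fixed set only, an offset at one cycle that models a data-dependent branch.
THRESHOLD = 4.5  # customary TVLA pass/fail bound on |t| (assumed here)

def welch_t(a, b):
    """Welch's t-statistic between two samples (lists of floats)."""
    na, nb = len(a), len(b)
    ma, mb = sum(a) / na, sum(b) / nb
    va = sum((x - ma) ** 2 for x in a) / (na - 1)
    vb = sum((x - mb) ** 2 for x in b) / (nb - 1)
    return (ma - mb) / math.sqrt(va / na + vb / nb)

def tvla(fixed_traces, random_traces):
    """Per-sample |t| over two sets of equal-length traces."""
    n_samples = len(fixed_traces[0])
    return [abs(welch_t([tr[i] for tr in fixed_traces],
                        [tr[i] for tr in random_traces]))
            for i in range(n_samples)]

def leaking_samples(t_values, threshold=THRESHOLD):
    """Indices (clock cycles / sample points) whose |t| exceeds the threshold."""
    return [i for i, t in enumerate(t_values) if t > threshold]

def make_traces(n_traces, n_samples, branch_cycle, bias, seed=1):
    """Constructed traces: unit Gaussian noise; the fixed set additionally
    carries `bias` at `branch_cycle`, the discrete leakage of a branch."""
    rng = random.Random(seed)
    fixed = [[rng.gauss(0, 1) + (bias if i == branch_cycle else 0.0)
              for i in range(n_samples)] for _ in range(n_traces)]
    rnd = [[rng.gauss(0, 1) for _ in range(n_samples)] for _ in range(n_traces)]
    return fixed, rnd

if __name__ == "__main__":
    fixed, rnd = make_traces(2000, 64, branch_cycle=37, bias=0.5)
    t_vals = tvla(fixed, rnd)
    # Expected: only sample 37 fails, with |t| around 15 for 2000 traces per set.
    print("samples failing TVLA:", leaking_samples(t_vals))
```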

Cited By

  • (2020) Privacy Attack On IoT: a Systematic Literature Review. 2020 International Conference on ICT for Smart Society (ICISS), 1-8. DOI: 10.1109/ICISS50791.2020.9307568. Online publication date: 19 Nov 2020.

Published In

ASHES '18: Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security
October 2018
88 pages
ISBN:9781450359962
DOI:10.1145/3266444
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. authenticated cipher
  2. cryptography
  3. dpa
  4. fpga
  5. power
  6. t-test

Qualifiers

  • Short-paper

Conference

CCS '18

Acceptance Rates

Overall Acceptance Rate 6 of 20 submissions, 30%
