
Security of Constant Weight Countermeasures

  • Submitted: 2016.11.28
  • Reviewed: 2017.02.02
  • Published: 2017.06.01

Abstract

This paper investigates the security of constant weight countermeasures, which aim to produce indistinguishable leakage from sensitive variables and intermediate variables, assuming a constant Hamming distance and/or Hamming weight leakages. To investigate the security of recent countermeasures, contrary to many related studies, we assume that the coefficients of the simulated leakage models follow a normal distribution so that we may construct a model with approximately realistic leakages. First, using our simulated leakage model, we demonstrate security holes in these previous countermeasures. Subsequently, in contrast to the hypotheses presented in previous studies, we confirm the resistance of these countermeasures to a standard correlation power analysis (CPA). However, these countermeasures can allow a bitwise CPA to leak a sensitive variable with only a few thousand traces.
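The two observations in the abstract, as an added simulation that is not code from the paper: a dual-rail (constant-weight) encoding of an AES S-box output byte, a leakage model whose per-wire coefficients are drawn once from a normal distribution (assumed N(1, 0.3) here, with N(0, 0.5) noise), a standard Hamming-weight CPA that cannot rank any key candidate because every encoded prediction has the same weight, and a bitwise CPA over the individual wires that still recovers the key byte from two thousand simulated traces. The encoding, the parameters and the trace count are assumptions of this example.

```python
import random

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1: r ^= a
        a, b = (a << 1) ^ (0x11B if a & 0x80 else 0), b >> 1
    return r

def aes_sbox(x):
    """AES S-box from its definition: inverse in GF(2^8), then the affine map."""
    inv = 0 if x == 0 else next(y for y in range(1, 256) if gf_mul(x, y) == 1)
    s = inv
    for i in range(1, 5): s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return s ^ 0x63
SBOX = [aes_sbox(x) for x in range(256)]

def dual_rail(v):
    """Constant-weight encoding (assumed): bit b becomes the wire pair (b, 1-b), so the weight is always 8."""
    return [((v >> i) & 1) ^ c for i in range(8) for c in (0, 1)]

def centre(traces):
    m = sum(traces) / len(traces); tc = [t - m for t in traces]
    return tc, sum(t * t for t in tc)

def corr(pred, tc, syy):
    """Pearson correlation of a predictor with centred traces; 0 when the predictor is constant."""
    n = len(pred); m = sum(pred) / n
    sxy = sum(x * t for x, t in zip(pred, tc)); sxx = sum(x * x for x in pred) - n * m * m
    return 0.0 if sxx <= 1e-12 else sxy / (sxx * syy) ** 0.5

def simulate(key, n_traces, seed=7):
    """Constructed traces: every wire has its own coefficient ~ N(1, 0.3), fixed per device, plus N(0, 0.5) noise."""
    rng = random.Random(seed)
    coeffs = [rng.gauss(1.0, 0.3) for _ in range(16)]
    pts = [rng.randrange(256) for _ in range(n_traces)]
    traces = [sum(a * e for a, e in zip(coeffs, dual_rail(SBOX[p ^ key]))) + rng.gauss(0, 0.5) for p in pts]
    return pts, traces

def hw_cpa(pts, traces):
    """Standard CPA on the Hamming weight of the encoded value: every prediction is 8, so no key can be ranked."""
    tc, syy = centre(traces)
    return [abs(corr([sum(dual_rail(SBOX[p ^ k])) for p in pts], tc, syy)) for k in range(256)]

def bitwise_cpa(pts, traces):
    """Bitwise CPA: correlate each of the 16 wires separately and add up |rho| per candidate."""
    tc, syy = centre(traces)
    return [sum(abs(corr([e[w] for e in enc], tc, syy)) for w in range(16))
            for enc in ([dual_rail(SBOX[p ^ k]) for p in pts] for k in range(256))]
```

The candidate with the largest `bitwise_cpa` score is the key byte, while `hw_cpa` returns 0 for every candidate: the unequal wire coefficients are what the bitwise model exploits and the weight model cannot see.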

Keywords

Cited by

  1. Power-Balancing Software Implementation to Mitigate Side-Channel Attacks without Using Look-Up Tables vol.10, pp.7, 2017, https://doi.org/10.3390/app10072454
  2. Power analysis attack resilient block cipher implementation based on 1-of-4 data encoding vol.43, pp.4, 2017, https://doi.org/10.4218/etrij.2020-0175