Top

Published in:

2017 | OriginalPaper | Chapter

Bricklayer Attack: A Side-Channel Analysis on the ChaCha Quarter Round

Authors : Alexandre Adomnicai, Jacques J. A. Fournier, Laurent Masson

Published in: Progress in Cryptology – INDOCRYPT 2017

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

ChaCha is a family of stream ciphers that are very efficient on constrainted platforms. In this paper, we present electromagnetic side-channel analyses for two different software implementations of ChaCha20 on a 32-bit architecture: one compiled and another one directly written in assembly. On the device under test, practical experiments show that they have different levels of resistance to side-channel attacks. For the most leakage-resilient implementation, an analysis of the whole quarter round is required. To overcome this complication, we introduce an optimized attack based on a divide-and-conquer strategy named bricklayer attack.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Architecture Level Optimizations for Kummer Based HECC on FPGAs

next chapter CCA-secure Predicate Encryption from Pair Encoding in Prime Order Groups: Generic and Efficient

chacha20-poly1305@openssh.com: Authenticated encryption mode, May 2016. http://bxr.su/OpenBSD/usr.bin/ssh/PROTOCOL.chacha20poly1305

iOS 10 Security White Paper. Technical report, Apple Inc., March 2017. https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. Cryptology ePrint Archive, Report 2007/472 (2007). http://eprint.iacr.org/2007/472

Babbage, S., Borghoff, J., Velichkov, V.: The eSTREAM portfolio in 2012. http://www.ecrypt.eu.org/ecrypt2/documents/D.SYM.10-v1.pdf

Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: SIMON and SPECK: block ciphers for the Internet of Things. Cryptology ePrint Archive, Report 2015/585 (2015). http://eprint.iacr.org/2015/585

Bernstein, D.J.: Extending the Salsa20 nonce. https://cr.yp.to/snuffle/xsalsa-20081128.pdf

Bernstein, D.J.: ChaCha, a variant of Salsa20. In: SASC - The State of the Art of Stream Ciphers, pp. 273–278 (2008). http://cr.yp.to/chacha/chacha-20080128.pdf

Bernstein, D.J.: The Salsa20 family of stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_8 CrossRef

Biryukov, A., Dinu, D., Großschädl, J.: Correlation power analysis of lightweight block ciphers: from theory to practice. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 537–557. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_29

10.

Boura, C., Lvque, S., Vigilant, D.: Side-channel analysis of Grostl and Skein. In: 2012 IEEE Symposium on Security and Privacy Workshops, pp. 16–26, May 2012. https://www.ieee-security.org/TC/SPW2012/proceedings/4740a016.pdf

11.

Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2 CrossRef

12.

Bursztein, E.: Speeding up and strengthening HTTPS connections for Chrome on Android. Technical report, April 2014. https://security.googleblog.com/2014/04/speeding-up-and-strengthening-https.html

13.

Callan, R., Zajić, A., Prvulovic, M.: A practical methodology for measuring the side-channel signal available to the attacker for instruction-level events. In: Proceedings of the 47th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO-47, pp. 242–254. IEEE Computer Society, Washington, D.C. (2014). http://dx.doi.org/10.1109/MICRO.2014.39

14.

Choudhuri, A.R., Maitra, S.: Differential cryptanalysis of Salsa and ChaCha - an evaluation with a hybrid model. Cryptology ePrint Archive, Report 2016/377 (2016). http://eprint.iacr.org/2016/377

15.

Coron, J.-S., Großschädl, J., Tibouchi, M., Vadnala, P.K.: Conversion from arithmetic to boolean masking with logarithmic complexity. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 130–149. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_7 CrossRef

16.

Couroussé, D., Barry, T., Robisson, B., Jaillon, P., Potin, O., Lanet, J.-L.: Runtime code polymorphism as a protection against side channel attacks. Cryptology ePrint Archive, Report 2017/699 (2017). http://eprint.iacr.org/2017/699

17.

Denis, F.: The XChaCha20-Poly1305 construction. https://download.libsodium.org/doc/secret-key_cryptography/xchacha20-poly1305_construction.html

18.

Dworkin, M.J.: SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques. Technical report, Gaithersburg, MD, United States (2001)

19.

Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_21 CrossRef

20.

Goubin, L.: A sound method for switching between boolean and arithmetic masking. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 3–15. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_2 CrossRef

21.

Jungk, B., Bhasin, S.: Don’t fall into a trap: physical side-channel analysis of chacha20-poly1305. In: Design, Automation Test in Europe Conference Exhibition (DATE 2017), pp. 1110–1115, March 2017

22.

Karroumi, M., Richard, B., Joye, M.: Addition with blinded operands. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 41–55. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_4

23.

Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25. http://dl.acm.org/citation.cfm?id=646764.703989 CrossRef

24.

Kumar, S.V.D., Patranabis, S., Breier, J., Mukhopadhyay, D., Bhasin, S., Chattopadhyay, A., Baksi, A.: A practical fault attack on ARX-like ciphers with a case study on ChaCha20. In: 2017 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC, Taipei, Taiwan (2017)

25.

Langley, A., Chang, W., Mavrogiannopoulos, N., Strombergson, J., Josefsson, S.: ChaCha20-Poly1305 cipher suites for transport layer security (TLS). RFC 7905, RFC Editor, June 2016. http://tools.ietf.org/rfc/rfc7905.txt

26.

Lemke, K., Schramm, K., Paar, C.: DPA on n-bit sized boolean and arithmetic operations and its application to IDEA, RC6, and the HMAC-construction. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 205–219. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_15. http://www.iacr.org/archive/asiacrypt2007/31560191/31560191.pdf CrossRef

27.

Luykx, A., Mennink, B., Paterson, K.G.: Analyzing multi-key security degradation. Cryptology ePrint Archive, Report 2017/435 (2017). http://eprint.iacr.org/2017/435

28.

Maitra, S.: Chosen IV cryptanalysis on reduced round ChaCha and Salsa. Discrete Appl. Math. 208(C), 88–97 (2016). http://dx.doi.org/10.1016/j.dam.2016.02.020 MathSciNetCrossRefMATH

29.

Mazumdar, B., Ali, S.S., Sinanoglu, O.: Power analysis attacks on ARX: an application to Salsa20. In: 2015 IEEE 21st International On-line Testing Symposium (IOLTS), pp. 40–43, July 2015

30.

McCann, D., Eder, K., Oswald, E.: Characterising and comparing the energy consumption of side channel attack countermeasures and lightweight cryptography on embedded devices. Cryptology ePrint Archive, Report 2015/832 (2015). http://eprint.iacr.org/2015/832

31.

McGrew, D., Bailey, D.: AES-CCM cipher suites for transport layer security (TLS). RFC 6655, RFC Editor, July 2012. http://tools.ietf.org/rfc/rfc6655.txt

32.

Mozaffari-Kermani, M., Azarderakhsh, R.: Reliable hash trees for post-quantum stateless cryptographic hash-based signatures. In: 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS), pp. 103–108, October 2015

33.

Patranabis, S., Roy, D.B., Vadnala, P.K., Mukhopadhyay, D., Ghosh, S.: Shuffling across rounds: a lightweight strategy to counter side-channel attacks. In: 2016 IEEE 34th International Conference on Computer Design (ICCD), pp. 440–443, October 2016

34.

Quisquater, J.-J., Samyde, D.: ElectroMagnetic Analysis (EMA): measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45418-7_17 CrossRef

35.

Rescorla, E.: The transport layer security (TLS) protocol version 1.3. Internet-Draft draft-ietf-tls-tls13-21, Internet Engineering Task Force, July 2017. https://tlswg.github.io/tls13-spec/draft-ietf-tls-tls13.html, work in Progress

36.

Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. Cryptology ePrint Archive, Report 2009/420 (2009). http://eprint.iacr.org/2009/420

37.

Salowey, J., Choudhury, A., McGrew, D.: AES Galois Counter Mode (GCM) cipher suites for TLS. RFC 5288, RFC Editor, August 2008. http://www.rfc-editor.org/rfc/rfc5288.txt

38.

Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 337–351. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_24 CrossRef

39.

Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_44 CrossRef

40.

Yadav, P., Gupta, I., Murthy, S.K.: Study and analysis of eSTREAM cipher Salsa and ChaCha. In: 2016 IEEE International Conference on Engineering and Technology (ICETECH), pp. 90–94, March 2016

41.

Zohner, M., Kasper, M., Stöttinger, M.: Butterfly-attack on Skein’s modular addition. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 215–230. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29912-4_16 CrossRef

Title: Bricklayer Attack: A Side-Channel Analysis on the ChaCha Quarter Round
Authors: Alexandre Adomnicai
Jacques J. A. Fournier
Laurent Masson
Publisher: Springer International Publishing
Book: Progress in Cryptology – INDOCRYPT 2017
Print ISBN: 978-3-319-71666-4

Electronic ISBN: 978-3-319-71667-1

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-71667-1_4

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner