Top

Published in:

2019 | OriginalPaper | Chapter

Sliding-Window Correlation Attacks Against Encryption Devices with an Unstable Clock

Authors : Dor Fledel, Avishai Wool

Published in: Selected Areas in Cryptography – SAC 2018

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Power analysis side channel attacks rely on aligned traces. As a counter-measure, devices can use a jittered clock to misalign the power traces. In this paper we suggest a way to overcome this counter-measure, using an old method of integrating samples over time followed by a correlation attack (Sliding Window CPA). We theoretically re-analyze this general method with characteristics of jittered clocks and show that it is stronger than previously believed. We show that integration of samples over a suitably chosen window size actually amplifies the correlation both with and without jitter—as long as multiple leakage points are present within the window. We then validate our analysis on a new data-set of traces measured on a board implementing a jittered clock. The data-set we collected is public and accessible online. Our experiments show that the SW-CPA attack with a well-chosen window size is very successful against a jittered clock counter-measure and significantly outperforms previous suggestions, requiring a much smaller set of traces to correctly identify the correct key.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Mind the Gap - A Closer Look at the Security of Block Ciphers against Differential Cryptanalysis

next chapter Assessing the Feasibility of Single Trace Power Analysis of Frodo

[BCO04]

Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2CrossRef

[BHvW12]

Batina, L., Hogenboom, J., van Woudenberg, J.G.J.: Getting more from PCA: first results of using principal component analysis for extensive power analysis. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 383–397. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_24CrossRef

[CCD00]

Clavier, C., Coron, J.-S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44499-8_20CrossRefMATH

[CDP17]

Cagli, E., Dumas, C., Prouff, E.: Convolutional neural networks with data augmentation against jitter-based countermeasures. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 45–68. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_3CrossRef

[Con12]

Conte, B.: Basic implementations of standard cryptography algorithms, like AES and SHA-1 (2012). https://github.com/B-Con/crypto-algorithms

[CRR02]

Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_3CrossRef

[FH08]

Ferrigno, J., Hlaváč, M.: When AES blinks: introducing optical side channel. IET Inf. Secur. 2(3), 94–98 (2008)CrossRef

[FW18]

Fledel, D., Wool, A.: RCM4010 AES-128 power traces, with and without spectrum-spreading (2018). https://drive.google.com/open?id=1DbcM2Z1RLi1xt8tO7qF5HGCWX8SDAd5BVwxgD7y_bU8

[GPPT15]

Genkin, D., Pachmanov, L., Pipman, I., Tromer, E.: Stealing keys from PCs using a radio: cheap electromagnetic attacks on windowed exponentiation. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 207–228. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_11CrossRef

[HHO15]

Hodgers, P., Hanley, N., O’Neill, M.: Pre-processing power traces to defeat random clocking countermeasures. In: International Symposium on Circuits and Systems (ISCAS), pp. 85–88. IEEE (2015)

[HNI+06]

Homma, N., Nagashima, S., Imai, Y., Aoki, T., Satoh, A.: High-resolution side-channel attack using phase-based waveform matching. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 187–200. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_15CrossRef

[KA98]

Kuhn, M.G., Anderson, R.J.: Soft tempest: hidden data transmission using electromagnetic emanations. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 124–142. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-49380-8_10CrossRef

[KJJ99]

Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25CrossRef

[Koc96]

Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9CrossRef

[MOP08]

Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards, vol. 31, pp. 202–211. Springer, Boston (2007). https://doi.org/10.1007/978-0-387-38162-6CrossRefMATH

[MvWB11]

Muijrers, R.A., van Woudenberg, J.G.J., Batina, L.: RAM: rapid alignment method. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 266–282. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-27257-8_17CrossRef

[OC15]

O’Flynn, C., Chen, Z.: Synchronous sampling and clock recovery of internal oscillators for side channel analysis and fault injection. J. Crypt. Eng. 5(1), 53–69 (2015)CrossRef

[OP11]

Oswald, D., Paar, C.: Breaking Mifare DESFire MF3ICD40: power analysis and templates in the real world. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 207–222. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_14CrossRef

[OP12]

Oswald, D., Paar, C.: Improving side-channel analysis with optimal linear transforms. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 219–233. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37288-9_15CrossRef

[PV17]

Papagiannopoulos, K., Veshchikov, N.: Mind the gap: towards secure 1st-order masking in software. IACR Cryptology ePrint Archive, p. 345 (2017)

[RCM10]

Digi International Inc.: RabbitCore RCM4000 user manual (2010). http://ftp1.digi.com/support/documentation/019-0157_J.pdf

[SDB+10]

Schimmel, O., Duplys, P., Boehl, E., Hayek, J., Bosch, R., Rosenstiel, W.: Correlation power analysis in frequency domain. In: COSADE First International Workshop on Constructive Side Channel Analysis and Secure Design (2010)

[SMY09]

Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_26CrossRef

[ST04]

Shamir, A., Tromer, E.: Acoustic cryptanalysis (2004). http://www.wisdom.weizmann.ac.il/~tromer

[TH12]

Tian, Q., Huss, S.A.: On the attack of misaligned traces by power analysis methods. In: 2012 Seventh International Conference on Computer Engineering and Systems (ICCES), pp. 28–34. IEEE (2012)

[vWWB11]

van Woudenberg, J.G.J., Witteman, M.F., Bakker, B.: Improving differential power analysis by elastic alignment. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 104–119. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_8CrossRef

Title: Sliding-Window Correlation Attacks Against Encryption Devices with an Unstable Clock
Authors: Dor Fledel
Avishai Wool
Publisher: Springer International Publishing
Book: Selected Areas in Cryptography – SAC 2018
Print ISBN: 978-3-030-10969-1

Electronic ISBN: 978-3-030-10970-7

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-10970-7_9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner