Published in: Cryptography and Communications 1/2015

01.03.2015

Masking and leakage-resilient primitives: One, the other(s) or both?

Authors: Sonia Belaïd, Vincent Grosso, François-Xavier Standaert


Abstract

Securing cryptographic implementations against side-channel attacks is one of the most important challenges in modern cryptography. Many countermeasures have been introduced for this purpose and analyzed in specialized security models. Formal solutions have also been proposed to extend the guarantees of provable security to physically observable devices. Masking and leakage-resilient cryptography are probably the most investigated and best understood representatives of these two approaches. Unfortunately, claims as to whether one, the other or their combination provides better security at lower cost have remained vague so far. In this paper, we provide the first comprehensive treatment of this important problem. For this purpose, we analyze whether cryptographic implementations can be security-bounded, in the sense that the time complexity of the best side-channel attack is lower-bounded independently of the number of measurements performed. Doing so, we first put forward a significant difference between stateful primitives such as leakage-resilient PRGs (which easily ensure bounded security) and stateless ones such as leakage-resilient PRFs (which hardly do). We then show that in practice, leakage-resilience alone provides the best security vs. performance tradeoff when bounded security is achievable, while masking alone is the solution of choice otherwise. That is, we highlight that one (x)or the other approach should be privileged, which contradicts the usual intuition that physical security is best obtained by combining countermeasures. Besides, our experimental results underline that, despite being defined in exactly the same way, the bounded leakage requirement in leakage-resilient PRGs and PRFs implies significantly different challenges for hardware designers. Namely, such a bounded leakage is much harder to guarantee for stateless primitives (like PRFs) than for stateful ones (like PRGs). As a result, constructions of leakage-resilient PRGs and PRFs proven under the same bounded leakage assumption, and instantiated with the same AES implementation, may lead to different practical security levels.

Footnotes

1. For example, the algebraic side-channel attacks introduced in [49, 50], while somewhat unrealistic for now, would certainly lead to different security levels.

2. The SNR is the ratio between the signal variance (which equals 2 for the Hamming weights of uniformly distributed 8-bit values) and the noise variance.

3. While algorithmic noise is generated with a binomial distribution in our experiments (as mentioned in the previous subsections), it is closely approximated by a normal distribution once it is combined with enough (simulated) physical noise, which is Gaussian.

4. As previously mentioned, there is an additional 16! ≈ 2^44 time complexity implied in the iterative DPA attacks, corresponding to the enumeration of a permutation over the 16 AES key bytes that is necessary to test each key candidate.
 
References

1. Abdalla, M., Belaïd, S., Fouque, P.-A.: Leakage-resilient symmetric encryption via re-keying. In: Bertoni and Coron [4], pp. 471–488
2. Belaïd, S., De Santis, F., Heyszl, J., Mangard, S., Medwed, M., Schmidt, J.-M., Standaert, F.-X., Tillich, S.: Towards fresh re-keying with leakage-resilient PRFs: Cipher design principles and analysis. Cryptology ePrint Archive, Report 2013/305 (2013). http://eprint.iacr.org/
3. Bernstein, D.J.: Implementing "practical leakage-resilient cryptography". CHES 2012 Rump Session Talk, Leuven, Belgium (2012)
4. Bertoni, G., Coron, J.-S. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2013 - 15th International Workshop, Santa Barbara, CA, USA, August 20-23, 2013. Proceedings, volume 8086 of Lecture Notes in Computer Science. Springer (2013)
5. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener [63], pp. 398–412
6. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S. Jr., Koç, Ç.K., Paar, C. (eds.) CHES, volume 2523 of Lecture Notes in Computer Science, pp. 13–28. Springer (2002)
8. Coron, J.-S., Prouff, E., Rivain, M.: Side channel cryptanalysis of a higher order masking scheme. In: Paillier and Verbauwhede [38], pp. 28–44
10. Dodis, Y., Pietrzak, K.: Leakage-resilient pseudorandom functions and side-channel attacks on Feistel networks. In: Rabin, T. (ed.) CRYPTO, volume 6223 of Lecture Notes in Computer Science, pp. 21–40. Springer (2010)
11. Durvaux, F., Renauld, M., Standaert, F.-X., van Oldeneel tot Oldenzeel, L., Veyrat-Charvillon, N.: Efficient removal of random delays from embedded software implementations using hidden Markov models. In: Mangard, S. (ed.) CARDIS, volume 7771 of Lecture Notes in Computer Science, pp. 123–140. Springer (2012)
12. Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: FOCS, pp. 293–302. IEEE Computer Society (2008)
13. Eisenbarth, T., Gong, Z., Güneysu, T., Heyse, S., Indesteege, S., Kerckhof, S., Koeune, F., Nad, T., Plos, T., Regazzoni, F., Standaert, F.-X., van Oldeneel tot Oldenzeel, L.: Compact implementation and performance evaluation of block ciphers in ATtiny devices. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT, volume 7374 of Lecture Notes in Computer Science, pp. 172–187. Springer (2012)
15. Faust, S., Pietrzak, K., Schipper, J.: Practical leakage-resilient symmetric cryptography. In: Prouff and Schaumont [46], pp. 213–232
16. Fei, Y., Luo, Q., Ding, A.A.: A statistical model for DPA with novel algorithmic confusion analysis. In: Prouff and Schaumont [46], pp. 233–250
17. Genelle, L., Prouff, E., Quisquater, M.: Thwarting higher-order side channel analysis with additive and multiplicative maskings. In: Preneel and Takagi [43], pp. 240–255
18. Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions (extended abstract). In: FOCS, pp. 464–479. IEEE Computer Society (1984)
19. Goubin, L., Patarin, J.: DES and differential power analysis (the "duplication" method). In: Koç, Ç.K., Paar, C. (eds.) CHES, volume 1717 of Lecture Notes in Computer Science, pp. 158–172. Springer (1999)
20. Grosso, V., Standaert, F.-X., Faust, S.: Masking vs. multiparty computation: How large is the gap for the AES? In: Bertoni and Coron [4], pp. 400–416
21. Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS, volume 3989 of Lecture Notes in Computer Science, pp. 239–252. Springer (2006)
22. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: Securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO, volume 2729 of Lecture Notes in Computer Science, pp. 463–481. Springer (2003)
23. Johansson, T., Nguyen, P.Q. (eds.): Advances in Cryptology - EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, May 26-30, 2013. Proceedings, volume 7881 of Lecture Notes in Computer Science. Springer (2013)
24. Joux, A. (ed.): Advances in Cryptology - EUROCRYPT 2009, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26-30, 2009. Proceedings, volume 5479 of Lecture Notes in Computer Science. Springer (2009)
25. Katashita, T., Satoh, A., Kikuchi, K., Nakagawa, H., Aoyagi, M.: Evaluation of DPA characteristics of SASEBO for board level simulation. In: Huss, S., Schindler, W. (eds.) Proceedings of COSADE 2010, p. 4, Darmstadt, Germany (2011)
26. Kerckhof, S., Durvaux, F., Hocquet, C., Bol, D., Standaert, F.-X.: Towards green cryptography: A comparison of lightweight ciphers from the energy viewpoint. In: Prouff and Schaumont [46], pp. 390–407
27. Kocher, P.C.: Leak resistant cryptographic indexed key update. US Patent 6539092
28. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener [63], pp. 388–397
29. Mangard, S.: Hardware countermeasures against DPA? A statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA, volume 2964 of Lecture Notes in Computer Science, pp. 222–235. Springer (2004)
30. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer (2007)
31. Mangard, S., Oswald, E., Standaert, F.-X.: One for all - all for one: unifying standard differential power analysis attacks. IET Inf. Sec. 5(2), 100–110 (2011)
32. Mangard, S., Popp, T., Gammel, B.M.: Side-channel leakage of masked CMOS gates. In: Menezes, A. (ed.) CT-RSA, volume 3376 of Lecture Notes in Computer Science, pp. 351–365. Springer (2005)
33. Mangard, S., Pramstaller, N., Oswald, E.: Successfully attacking masked AES hardware implementations. In: Rao and Sunar [47], pp. 157–171
34. Medwed, M., Standaert, F.-X., Joux, A.: Towards super-exponential side-channel security with efficient leakage-resilient PRFs. In: Prouff and Schaumont [46], pp. 193–212
35. Moradi, A., Mischke, O.: Glitch-free implementation of masking in modern FPGAs. In: HOST, pp. 89–95. IEEE (2012)
36. Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the limits: A very compact and a threshold implementation of AES. In: Paterson [39], pp. 69–88
37. Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A side-channel analysis resistant description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE, volume 3557 of Lecture Notes in Computer Science, pp. 413–423. Springer (2005)
38. Paillier, P., Verbauwhede, I. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop, Vienna, Austria, September 10-13, 2007. Proceedings, volume 4727 of Lecture Notes in Computer Science. Springer (2007)
39. Paterson, K.G. (ed.): Advances in Cryptology - EUROCRYPT 2011 - 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings, volume 6632 of Lecture Notes in Computer Science. Springer (2011)
40. Peeters, E., Standaert, F.-X., Donckers, N., Quisquater, J.-J.: Improved higher-order side-channel attacks with FPGA experiments. In: Rao and Sunar [47], pp. 309–323
41. Pietrzak, K.: A leakage-resilient mode of operation. In: Joux [24], pp. 462–482
42. Popp, T., Kirschbaum, M., Zefferer, T., Mangard, S.: Evaluation of the masked logic style MDPL on a prototype chip. In: Paillier and Verbauwhede [38], pp. 81–94
43. Preneel, B., Takagi, T. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2011 - 13th International Workshop, Nara, Japan, September 28 - October 1, 2011. Proceedings, volume 6917 of Lecture Notes in Computer Science. Springer (2011)
44. Prouff, E., Rivain, M.: Masking against side-channel attacks: A formal security proof. In: Johansson and Nguyen [23], pp. 142–159
45. Prouff, E., Roche, T.: Higher-order glitches free implementation of the AES using secure multi-party computation protocols. In: Preneel and Takagi [43], pp. 63–78
46. Prouff, E., Schaumont, P. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2012 - 14th International Workshop, Leuven, Belgium, September 9-12, 2012. Proceedings, volume 7428 of Lecture Notes in Computer Science. Springer (2012)
47. Rao, J.R., Sunar, B. (eds.): Cryptographic Hardware and Embedded Systems - CHES 2005, 7th International Workshop, Edinburgh, UK, August 29 - September 1, 2005. Proceedings, volume 3659 of Lecture Notes in Computer Science. Springer (2005)
48. Regazzoni, F., Yi, W., Standaert, F.-X.: FPGA implementations of the AES masked against power analysis attacks. In: Huss, S., Schindler, W. (eds.) Proceedings of COSADE 2011, pp. 56–66, Darmstadt, Germany (2011)
49. Renauld, M., Standaert, F.-X.: Algebraic side-channel attacks. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt, volume 6151 of Lecture Notes in Computer Science, pp. 393–410. Springer (2009)
50. Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N.: Algebraic side-channel attacks on the AES: Why time also matters in DPA. In: Clavier, C., Gaj, K. (eds.) CHES, volume 5747 of Lecture Notes in Computer Science, pp. 97–111. Springer (2009)
51. Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N., Kamel, D., Flandre, D.: A formal study of power variability issues and side-channel attacks for nanoscale devices. In: Paterson [39], pp. 109–128
52. Rivain, M.: On the exact success rate of side channel analysis in the Gaussian model. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) Selected Areas in Cryptography, volume 5381 of Lecture Notes in Computer Science, pp. 165–183. Springer (2008)
53. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES, volume 6225 of Lecture Notes in Computer Science, pp. 413–427. Springer (2010)
54. Roche, T., Prouff, E.: Higher-order glitches free implementation of the AES using secure multi-party computation protocols, extended version. Cryptology ePrint Archive, Report 2011/413 (2011). http://eprint.iacr.org/
55. Schramm, K., Paar, C.: Higher order masking of the AES. In: Pointcheval, D. (ed.) CT-RSA, volume 3860 of Lecture Notes in Computer Science, pp. 208–225. Springer (2006)
56. Standaert, F.-X., Malkin, T., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux [24], pp. 443–461
57. Standaert, F.-X., Pereira, O., Yu, Y.: Leakage-resilient symmetric cryptography under empirically verifiable assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO (1), volume 8042 of Lecture Notes in Computer Science, pp. 335–352. Springer (2013)
58. Standaert, F.-X., Pereira, O., Yu, Y., Quisquater, J.-J., Yung, M., Oswald, E.: Leakage resilient cryptography in practice. In: Sadeghi, A.-R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security, Information Security and Cryptography, pp. 99–134. Springer (2010)
59. Standaert, F.-X., Veyrat-Charvillon, N., Oswald, E., Gierlichs, B., Medwed, M., Kasper, M., Mangard, S.: The world is not enough: Another look on second-order DPA. In: Abe, M. (ed.) ASIACRYPT, volume 6477 of Lecture Notes in Computer Science, pp. 112–129. Springer (2010)
60. Standaert, F.-X., Veyrat-Charvillon, N., Oswald, E., Gierlichs, B., Medwed, M., Kasper, M., Mangard, S.: The world is not enough: Another look on second-order DPA. Cryptology ePrint Archive, Report 2010/180 (2010). http://eprint.iacr.org/
61. Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Security evaluations beyond computing power. In: Johansson and Nguyen [23], pp. 126–141
62. Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: A comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT, volume 7658 of Lecture Notes in Computer Science, pp. 740–757. Springer (2012)
63. Wiener, M.J. (ed.): Advances in Cryptology - CRYPTO '99, 19th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15-19, 1999. Proceedings, volume 1666 of Lecture Notes in Computer Science. Springer (1999)
64. Yu, Y., Standaert, F.-X.: Practical leakage-resilient pseudorandom objects with minimum public randomness. In: Dawson, E. (ed.) CT-RSA, volume 7779 of Lecture Notes in Computer Science, pp. 223–238. Springer (2013)
65. Yu, Y., Standaert, F.-X., Pereira, O., Yung, M.: Practical leakage-resilient pseudorandom generators. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 141–151. ACM (2010)
Metadata
Title
Masking and leakage-resilient primitives: One, the other(s) or both?
Authors
Sonia Belaïd
Vincent Grosso
François-Xavier Standaert
Publication date
01.03.2015
Publisher
Springer US
Published in
Cryptography and Communications / Issue 1/2015
Print ISSN: 1936-2447
Electronic ISSN: 1936-2455
DOI
https://doi.org/10.1007/s12095-014-0113-6
