nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

Side-Channel Attacks on Blinded Scalar Multiplications Revisited

verfasst von : Thomas Roche, Laurent Imbert, Victor Lomné

Erschienen in: Smart Card Research and Advanced Applications

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In a series of recent articles (from 2011 to 2017), Schindler et al. show that exponent/scalar blinding is not as effective a countermeasure as expected against side-channel attacks targeting RSA modular exponentiation and ECC scalar multiplication. Precisely, these works demonstrate that if an attacker is able to retrieve many randomizations of the same secret, this secret can be fully recovered even when a significative proportion of the blinded secret bits are erroneous. With a focus on ECC, this paper improves the best results of Schindler et al. in the specific case of structured-order elliptic curves. Our results show that larger blinding material and higher error rates can be successfully handled by an attacker in practice. This study also opens new directions in this line of work by the proposal of a three-steps attack process that isolates the attack critical path (in terms of complexity and success rate) and hence eases the development of future solutions.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel An Efficient and Provable Masked Implementation of qTESLA

Nächstes Kapitel Remote Side-Channel Attacks on Heterogeneous SoC

A more formal notation would be \(\{T_{\ell }\}_{\ell \in \mathbb {Z}; 0 \leqslant \ell < N}\).

A learning phase is conducted prior to the attack on a similar device where scalar multiplication inputs and randoms can be chosen, e.g. a template building or a deep-learning training phase.

Without the empirical improvements discussed in Sect. 2.3.

The array Lr must be initialized to an integer array of dimension \(N\times L\) with all cells initialized to \(-1\) but the first column (Lr[i][0] for all \(i<N\)) which must be initialized to 0.

For \(t=R\), at iteration i, all bits of \({\bar{r}_\ell }\) and \({\bar{d}_\ell }\) are considered for probability estimation, this version is labeled “Full”.

Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal and vertical side-channel attacks against secure RSA implementations. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 1–17. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36095-4_1CrossRefMATH

Carbone, M., et al.: Deep learning to evaluate secure RSA implementations. IACR Trans. Cryptograph. Hardw. Embed. Syst. 2019(2), 132–161 (2019). https://doi.org/10.13154/tches.v2019.i2.132-161

Ciet, M., Joye, M.: (Virtually) free randomization techniques for elliptic curve cryptography. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 348–359. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39927-8_32CrossRef

Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_25CrossRef

Feix, B., Roussellet, M., Venelli, A.: Side-channel analysis on blinded regular scalar multiplications. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 3–20. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13039-2_1CrossRef

FIPS PUB 186–3: Digital Signature Standard. National Institute of Standards and Technology, March 2006. Draft

Heyszl, J., Ibing, A., Mangard, S., De Santis, F., Sigl, G.: Clustering algorithms for non-profiled single-execution attacks on exponentiations. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 79–93. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_6CrossRef

Järvinen, K., Balasch, J.: Single-trace side-channel attacks on scalar multiplications with precomputations. In: Lemke-Rust, K., Tunstall, M. (eds.) CARDIS 2016. LNCS, vol. 10146, pp. 137–155. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54669-8_9CrossRef

Nascimento, E., Chmielewski, Ł.: Applying horizontal clustering side-channel attacks on embedded ECC implementations. In: Eisenbarth, T., Teglia, Y. (eds.) CARDIS 2017. LNCS, vol. 10728, pp. 213–231. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-75208-2_13CrossRef

10.

Nascimento, E., Chmielewski, Ł., Oswald, D., Schwabe, P.: Attacking embedded ECC implementations through cmov side channels. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 99–119. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69453-5_6CrossRef

11.

Perin, G., Imbert, L., Torres, L., Maurine, P.: Attacking randomized exponentiations using unsupervised learning. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 144–160. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_11CrossRef

12.

Schindler, W., Itoh, K.: Exponent blinding does not always lift (partial) spa resistance to higher-level security. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 73–90. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21554-4_5CrossRefMATH

13.

Schindler, W., Wiemers, A.: Power attacks in the presence of exponent blinding. J. Cryptograph. Eng. 4(4), 213–236 (2014). https://doi.org/10.1007/s13389-014-0081-yCrossRef

14.

Schindler, W., Wiemers, A.: Efficient Side-Channel Attacks on Scalar Blinding on Elliptic Curves with Special Structure. In: NIST Workshop on ECC Standards (2015)

15.

Schindler, W., Wiemers, A.: Generic power attacks on RSA with CRT and exponent blinding: new results. J. Cryptograph. Eng. 7(4), 255–272 (2017). https://doi.org/10.1007/s13389-016-0146-1CrossRef

16.

Specht, R., Heyszl, J., Kleinsteuber, M., Sigl, G.: Improving Non-profiled attacks on exponentiations based on clustering and extracting leakage from multi-channel high-resolution EM measurements. In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 3–19. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21476-4_1CrossRef

17.

Standards for Efficient Cryptography Group (SECG): SEC 2: recommended elliptic curve domain parameters. Certicom Research (2000). http://www.secg.org/collateral/sec2_final.pdf

18.

Weissbart, L., Picek, S., Batina, L.: One trace is all it takes: machine learning-based side-channel attack on EdDSA. Cryptology ePrint archive, report 2019/358 (2019). https://eprint.iacr.org/2019/358CrossRef

Titel: Side-Channel Attacks on Blinded Scalar Multiplications Revisited
verfasst von: Thomas Roche
Laurent Imbert
Victor Lomné
Verlag: Springer International Publishing
Buch: Smart Card Research and Advanced Applications
Print ISBN: 978-3-030-42067-3

Electronic ISBN: 978-3-030-42068-0

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-42068-0_6

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"