Online Template Attacks

2014 ◽  
pp. 21-36 ◽  
Author(s):  
Lejla Batina ◽  
Łukasz Chmielewski ◽  
Louiza Papachristodoulou ◽  
Peter Schwabe ◽  
Michael Tunstall
Keyword(s):  
Template Attacks

scholarly journals Online Template Attacks: Revisited

2021 ◽  
pp. 28-59
Author(s):  
Alejandro Cabrera Aldaya ◽  
Billy Bob Brumley
Keyword(s):  
Power Consumption ◽  
Elliptic Curve ◽  
Side Channel ◽  
Powerful Technique ◽  
Leakage Model ◽  
On Demand ◽  
Side Channels ◽  
Generic Framework ◽  
Template Attacks ◽  
Elliptic Curve Scalar Multiplication

An online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has only been analyzed in the realm of power consumption and EM side channels, where the signals leak related to the value being processed. However, microarchitecture signals have no such feature, invalidating some assumptions from previous OTA works.In this paper, we revisit previous OTA descriptions, proposing a generic framework and evaluation metrics for any side-channel signal. Our analysis reveals OTA features not previously considered, increasing its application scenarios and requiring a fresh countermeasure analysis to prevent it.In this regard, we demonstrate that OTAs can work in the backward direction, allowing to mount an augmented projective coordinates attack with respect to the proposal by Naccache, Smart and Stern (Eurocrypt 2004). This demonstrates that randomizing the initial targeted algorithm state does not prevent the attack as believed in previous works.We analyze three libraries libgcrypt, mbedTLS, and wolfSSL using two microarchitecture side channels. For the libgcrypt case, we target its EdDSA implementation using Curve25519 twist curve. We obtain similar results for mbedTLS and wolfSSL with curve secp256r1. For each library, we execute extensive attack instances that are able to recover the complete scalar in all cases using a single trace.This work demonstrates that microarchitecture online template attacks are also very powerful in this scenario, recovering secret information without knowing a leakage model. This highlights the importance of developing secure-by-default implementations, instead of fix-on-demand ones.

scholarly journals Fault Template Attacks on Block Ciphers Exploiting Fault Propagation

2020 ◽  
pp. 612-643
Author(s):  
Sayandeep Saha ◽  
Arnab Bag ◽  
Debapriya Basu Roy ◽  
Sikhar Patranabis ◽  
Debdeep Mukhopadhyay
Keyword(s):  
Block Ciphers ◽  
Fault Propagation ◽  
Template Attacks

scholarly journals Template Attacks

2003 ◽  
pp. 13-28 ◽  
Author(s):  
Suresh Chari ◽  
Josyula R. Rao ◽  
Pankaj Rohatgi
Keyword(s):  
Template Attacks

Cryptanalysis of a Chaotic Block Cryptographic System Against Template Attacks

2020 ◽  
Vol 30 (15) ◽  
pp. 2050223
Author(s):  
Yuling Luo ◽  
Shunsheng Zhang ◽  
Junxiu Liu ◽  
Lvchen Cao
Keyword(s):  
Statistical Tests ◽  
Gaussian Model ◽  
Electromagnetic Emission ◽  
Information Modeling ◽  
Cryptographic Algorithm ◽  
Data Processing Method ◽  
Secret Keys ◽  
Cryptographic System ◽  
Multivariate Gaussian Model ◽  
Template Attacks

The security of chaotic cryptographic system can be theoretically evaluated by using conventional statistical tests and numerical simulations, such as the character frequency test, entropy test, avalanche test and SP 800-22 tests. However, when the cryptographic algorithm operates on a cryptosystem, the leakage information such as power dissipation, electromagnetic emission and time-consuming can be used by attackers to analyze the secret keys, namely the Side Channel Analysis (SCA) attack. In this paper, a cryptanalysis method is proposed for evaluating the security of a chaotic block cryptographic system from a hardware perspective by utilizing the Template Attacks (TAs). Firstly, a chaotic block cryptographic system is described briefly and implemented based on an Atmel XMEGA microcontroller. Then the TA using a multivariate Gaussian model is introduced. In order to reduce computational complexity and improve the efficiency of TA, the Hamming weight is used in this work to model power consumption traces. The proposed TA method has the following advantages including (a) using the sum of difference to select points of interest of traces, (b) using a data processing method to minimize the influences on power information modeling from the redundant sampling points, and (c) all the traces are aligned precisely before establishing the templates. Experimental results show that the TA can be used to attack the chaotic cryptographic systems and is more efficient, i.e. [Formula: see text]32% less attack traces than correlation power analysis, when the templates are properly built.

scholarly journals Template Attacks Based on Priori Knowledge

2015 ◽  
pp. 346-363
Author(s):  
Guangjun Fan ◽  
Yongbin Zhou ◽  
Hailong Zhang ◽  
Dengguo Feng
Keyword(s):  
Template Attacks ◽  
Priori Knowledge

scholarly journals Plaintext: A Missing Feature for Enhancing the Power of Deep Learning in Side-Channel Analysis?

2020 ◽  
pp. 49-85
Author(s):  
Anh-Tuan Hoang ◽  
Neil Hanley ◽  
Maire O’Neill
Keyword(s):  
Neural Networks ◽  
Deep Learning ◽  
Large Body ◽  
Side Channel ◽  
Secret Key ◽  
Side Channel Analysis ◽  
Filter Kernel ◽  
Secret Keys ◽  
Channel Analysis ◽  
Template Attacks

Deep learning (DL) has proven to be very effective for image recognition tasks, with a large body of research on various model architectures for object classification. Straight-forward application of DL to side-channel analysis (SCA) has already shown promising success, with experimentation on open-source variable key datasets showing that secret keys can be revealed with 100s traces even in the presence of countermeasures. This paper aims to further improve the application of DL for SCA, by enhancing the power of DL when targeting the secret key of cryptographic algorithms when protected with SCA countermeasures. We propose a new model, CNN-based model with Plaintext feature extension (CNNP) together with multiple convolutional filter kernel sizes and structures with deeper and narrower neural networks, which has empirically proven its effectiveness by outperforming reference profiling attack methods such as template attacks (TAs), convolutional neural networks (CNNs) and multilayer perceptron (MLP) models. Our model generates state-of-the art results when attacking the ASCAD variable-key database, which has a restricted number of training traces per key, recovering the key within 40 attack traces in comparison with order of 100s traces required by straightforward machine learning (ML) application. During the profiling stage an attacker needs no additional knowledge on the implementation, such as the masking scheme or random mask values, only the ability to record the power consumption or electromagnetic field traces, plaintext/ciphertext and the key. Additionally, no heuristic pre-processing is required in order to break the high-order masking countermeasures of the target implementation.

scholarly journals Mitigating the Threat due to Data Deduplication Attacks in Cloud Migration using User Layer Authentication with Light Weight Cryptography

2020 ◽  
Vol 9 (3) ◽  
pp. 2539-2545
Keyword(s):  
Data Security ◽  
Service Providers ◽  
Data Integrity ◽  
Cloud Service ◽  
Behavioral Pattern ◽  
Data Migration ◽  
Data Deduplication ◽  
Cloud Data ◽  
Template Attacks ◽  
The Impact

The widespread adoption of multi-cloud in enterprises is one of the root causes of cost-effectiveness. Cloud service providers reduce storage costs through advanced data de-duplication, which also provides vulnerabilities for attackers. Traditional approaches to authentication and data security for a single cloud need to be upgraded to be best suitable for cloud-to-cloud data migration security in order to mitigate the impact of dictionary and template attacks on authentication and data integrity, respectively. This paper proposes a scheme of user layer authentication along with lightweight cryptography. The proposed simulates its mathematical model to analyze the behavioral pattern of time-complexity of data security along with user auth protection. The performance pattern validates the model for scalability and reliability against both authentication and data integrity.

Sign in / Sign up

Export Citation Format

Share Document