Experimental Study on Measurement Resolution of Side Channel Waveform in Correlation Power Analysis

Author(s):  
Kohei Utsumi ◽  
Yu-ichi Hayashi ◽  
Takaaki Mizuki ◽  
Hideaki Sone
2020 ◽  
Vol 31 (1) ◽  
pp. 17-25

Side channel attacks (SCAs) are now a real threat to cryptographic devices and correlation power analysis (CPA) is the most powerful attack. So far, a CPA attack usually exploits the leakage information from raw power consumption traces that are collected from the attacked device. In real attack scenarios, these traces collected from measurement equipment are usually contaminated by noise, resulting in a decrease in attack efficiency. In this paper, we propose a variant CPA attack that exploits the leakage information from intrinsic mode functions (IMFs) of the power traces. These IMFs are the results of the variational mode decomposition (VMD) process on the raw power traces. This attack technique decreases the number of power traces for correctly recovering the secret key by approximately 13% in normal conditions and 60% in noisy conditions compared to a traditional CPA attack. Experiments were performed on power traces of AES-128 implemented in both microcontroller and FPGA by Sakura-G/W side channel evaluation board to verify the effectiveness of our method.


2013 ◽  
Vol 718-720 ◽  
pp. 2376-2382
Author(s):  
Yan Ting Ren ◽  
Li Ji Wu

In order to test the security of cryptographic devices against Side Channel Attacks (SCA), an automatic general-purpose power analysis system (TH-PAS-01) is designed and implemented. TH-PAS-01 is scalable and can be applied to many cryptographic devices when specific modules are installed. Using the system TH-PAS-01, correlation power analysis (CPA) is carried out on an AES chip under two working models: normal and shuffling mode. The security level of the countermeasure provided by the target chip is verified by TH-PAS-01. The experimental results show that the correct key of the AES chip is obtained with around 50,000 power traces when the chip is working under normal mode, while the whole key bits are not obtained with 960,000 power traces when the chip works under shuffling mode. The automatic general-purpose system TH-PAS-01 is feasible for security analysis on power analysis for cryptographic devices.


2014 ◽  
Vol 8 (3) ◽  
Author(s):  
Claude Carlet ◽  
Jean-Luc Danger ◽  
Sylvain Guilley ◽  
Houssem Maghrebi

Hardware devices can be protected against side-channel attacks by introducing one random mask per sensitive variable. The computation throughout is unaltered if the shares (masked variable and mask) are processed concomitantly, in two distinct registers. Nonetheless, this setup can still be attacked if the side-channel is squared, because this operation causes an interference between the two shares. This more sophisticated analysis is referred to as a zero-offset second-order correlation power analysis (CPA) attack. When the device leaks in Hamming distance, the countermeasure can be improved by the “leakage squeezing”. It consists in manipulating the mask through a bijection, aimed at reducing the dependency between the shares' leakage. Thus


2017 ◽  
Vol 2017 ◽  
pp. 1-8
Author(s):  
An Wang ◽  
Yu Zhang ◽  
Liehuang Zhu ◽  
Weina Tian ◽  
Rixin Xu ◽  
...  

Correlation Power Analysis (CPA) introduced by Brier et al. in 2004 is an important method in the side-channel attack and it enables the attacker to use less cost to derive secret or private keys with efficiency over the last decade. In this paper, we propose R-squared fitting model analysis (RFA) which is more appropriate for nonlinear correlation analysis. This model can also be applied to other side-channel methods such as second-order CPA and collision-correlation power attack. Our experiments show that the RFA-based attacks bring significant advantages in both time complexity and success rate.


2018 ◽  
Vol 28 (09) ◽  
pp. 1850114 ◽  
Author(s):  
Yuling Luo ◽  
Dezheng Zhang ◽  
Junxiu Liu ◽  
Yunqi Liu ◽  
Yi Cao ◽  
...  

Chaos has been used in cryptography for years and many chaotic cryptographic systems have been proposed. Their securities are often evaluated by conducting conventional statistical tests; however, few studies have referred to the security issue of the chaotic hardware cryptographic systems. This paper evaluates the security of the chaotic cryptographic system from a hardware perspective by using the side channel analysis attack. First, a chaotic block cryptosystem is designed and implemented based on an Atmel microcontroller. Then the conventional statistical security tests, including SP 800-22 test, characters frequency test, avalanche test, are used to verify its security performance. In the meantime, the correlation power analysis attack is carried out for the security evaluation. Experimental results demonstrate that even though the chaotic cryptographic system can pass the conventional statistical tests, it still has the probability to be attacked from a hardware perspective using the leaked side channel information such as execution time and power consumption. This paper proposes another way to analyze the security of the chaotic cryptosystem, which can aid in designing mechanisms to enhance the security of the hardware cryptosystems in the future.


2019 ◽  
Vol 29 (08) ◽  
pp. 1950106 ◽  
Author(s):  
Yuling Luo ◽  
Dezheng Zhang ◽  
Junxiu Liu

The securities of chaotic cryptographic systems are widely evaluated by conventional tests such as the character frequency test, entropy test and avalanche test. However, when the chaotic cryptosystem is in operation, side channel information such as power consumption and electromagnetic radiation is leaked. The side channel information can be used to attack the cryptosystem, e.g. the side channel attack (SCA), which is a threat for the security of chaotic cryptographic systems. This paper proposes a chaotic block cryptographic algorithm that can resist the SCA, with the aim of enhancing the security of chaotic cryptosystems. Masking and hiding mechanisms are used in this work. By using the former, the intermediate data correlated with the plaintexts/keys are masked by random numbers, thus no direct correlation exists between the power consumption and the plaintexts/keys and the first order SCA can be counteracted. By using the latter, additional noise is added to the side channel information by randomizing the operation sequence of the algorithm. Combining these two methods, the higher order SCA can be counteracted. To evaluate the security of the proposed system, the correlation power analysis attacks are carried out based on the target device of an Atmel XMEGA microcontroller. For the proposed system, the correlation coefficient calculated from the correct key is not larger than the incorrect keys. However, for the unprotected cipher system, the correlation coefficient calculated from the correct key is 0.8 and the coefficients calculated from the incorrect keys are less than 0.5, i.e. the system can be attacked. Experimental results demonstrate that the proposed cryptosystems can counteract the correlation power analysis attacks and maintain the security performance for the chaotic cryptographic systems.


Cryptography ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 13
Author(s):  
Ehsan Aerabi ◽  
David Hély ◽  
Cyril Bresch ◽  
Athanasios Papadimitriou ◽  
Mahdi Fazeli

CONFISCA is the first generic SIMD-based software countermeasure that can concurrently resist against Side-Channel Attack (SCA) and Fault Injection (FI). Its promising strength is presented in a PRESENT cipher case study and compared to software-based Dual-rail with Pre-charge Logic concurrent countermeasure. It has lower overhead, wider usability, and higher protection. Its protection has been compared using Correlation Power Analysis, Welch’s T-Test, Signal-to-Noise Ratio and Normalized Inter-Class Variance testing methods. CONFISCA can on-the-fly switch between its two modes of operation: The High-Performance and High-Security by having only one instance of the cipher. This gives us the flexibility to trade performance/energy with security, based on the actual critical needs.


Author(s):  
Yaoling Ding ◽  
Liehuang Zhu ◽  
An Wang ◽  
Yuan Li ◽  
Yongjuan Wang ◽  
...  

Side-channel analysis achieves key recovery by analyzing physical signals generated during the operation of cryptographic devices. Power consumption is one kind of these signals and can be regarded as a multimedia form. In recent years, many artificial intelligence technologies have been combined with classical side-channel analysis methods to improve the efficiency and accuracy. A simple genetic algorithm was employed in Correlation Power Analysis (CPA) when applied to cryptographic algorithms implemented in parallel. However, premature convergence caused failure in recovering the whole key, especially when plenty of large S-boxes were employed in the target primitive, such as in the case of AES. In this article, we investigate the reason for premature convergence and propose a Multiple Sieve Method (MS-CPA), which overcomes this problem and reduces the number of traces required in correlation power analysis. Our method can be adjusted to combine with key enumeration algorithms and further improves the efficiency. Simulation experimental results depict that our method reduces the required number of traces by and , compared to classic CPA and the Simple-Genetic-Algorithm-based CPA (SGA-CPA), respectively, when the success rate is fixed to . Real experiments performed on SAKURA-G confirm that the number of traces required for recovering the correct key in our method is almost equal to the minimum number that makes the correlation coefficients of correct keys stand out from the wrong ones and is much less than the numbers of traces required in CPA and SGA-CPA. When combining with key enumeration algorithms, our method has better performance. For the traces number being 200 (noise standard deviation ), the attacks success rate of our method is , which is much higher than the classic CPA with key enumeration ( success rate). Moreover, we adjust our method to work on the DPA contest v1 dataset and achieve a better result (40.04 traces) than the winning proposal (42.42 traces).

