Transparency order versus confusion coefficient: a case study of NIST lightweight cryptography S-Boxes

Cybersecurity ◽  
2021 ◽  
Vol 4 (1) ◽  
Author(s):  
Huizhong Li ◽  
Guang Yang ◽  
Jingdian Ming ◽  
Yongbin Zhou ◽  
Chengbin Jin

Abstract
Side-channel resistance is nowadays widely accepted as a crucial factor in deciding the security assurance level of cryptographic implementations. In most cases, non-linear components (e.g. S-Boxes) of cryptographic algorithms are chosen as the primary targets of side-channel attacks (SCAs). In order to measure the side-channel resistance of S-Boxes, three theoretical metrics have been proposed, namely the reVisited transparency order (VTO), the confusion coefficient variance (CCV), and the minimum confusion coefficient (MCC). However, the practical effectiveness of these metrics still remains unclear. Taking the 4-bit and 8-bit S-Boxes used in NIST Lightweight Cryptography candidates as concrete examples, this paper presents a comprehensive study of the applicability of these metrics. First of all, we empirically investigate the relations among the three metrics for the targeted S-boxes, and find that CCV is almost linearly correlated with VTO, while MCC is inconsistent with the other two. Furthermore, in order to verify which metric is more effective in which scenarios, we perform simulated and practical experiments on nine 4-bit S-Boxes under non-profiled attacks and profiled attacks, respectively. The experiments show that for quantifying the side-channel resistance of S-Boxes under non-profiled attacks, VTO and CCV are more reliable while MCC fails. We also obtain the interesting observation that none of these three metrics is suitable for measuring the resistance of S-Boxes against profiled SCAs. Finally, we try to verify whether these metrics can be applied to compare the resistance of S-Boxes of different sizes. Unfortunately, all of them are invalid in this scenario.
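The abstract names the two confusion-coefficient metrics (CCV and MCC) without giving their definitions. The following is an added example, not code from the paper: it computes the confusion coefficient of Fei et al. for a 4-bit S-box under a Hamming-weight leakage model, kappa(k_i, k_j) = E_x[(HW(S(x ^ k_i)) - HW(S(x ^ k_j)))^2], and derives CCV (variance of kappa over all pairs of distinct key hypotheses) and MCC (minimum over those pairs). The leakage model and the absence of a normalisation constant are assumptions; the paper's exact formulation may differ by a constant factor, and VTO is not implemented here. The PRESENT S-box is used as the sample input because it is one of the 4-bit lightweight S-boxes of the kind the paper studies.

```python
"""Confusion coefficients (CCV, MCC) of a 4-bit S-box under a Hamming-weight leakage model.

Added example, not the paper's code. Assumption: kappa(k_i, k_j) is the mean squared
difference of the Hamming weights of the S-box outputs under the two key hypotheses.
"""
from itertools import combinations
from statistics import pvariance

# PRESENT S-box (4-bit in, 4-bit out), a public constant.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hamming_weight(v: int) -> int:
    return bin(v).count("1")


def confusion_coefficient(sbox, k_i: int, k_j: int) -> float:
    """E_x[(HW(S(x ^ k_i)) - HW(S(x ^ k_j)))^2] over all inputs x.

    Substituting x' = x ^ k_i shows the value depends only on k_i ^ k_j,
    so for an n-entry S-box there are only n - 1 distinct non-zero coefficients.
    """
    n = len(sbox)
    total = sum(
        (hamming_weight(sbox[x ^ k_i]) - hamming_weight(sbox[x ^ k_j])) ** 2
        for x in range(n)
    )
    return total / n


def confusion_metrics(sbox) -> dict:
    """CCV = population variance of kappa over all unordered pairs of distinct keys;
    MCC = the smallest such kappa. Small MCC means two key hypotheses predict
    nearly the same leakage and are hard for a non-profiled attack to separate."""
    n = len(sbox)
    kappas = [confusion_coefficient(sbox, ki, kj) for ki, kj in combinations(range(n), 2)]
    return {"CCV": pvariance(kappas), "MCC": min(kappas), "pairs": len(kappas)}


if __name__ == "__main__":
    for name, box in (("identity", list(range(16))), ("PRESENT", PRESENT_SBOX)):
        m = confusion_metrics(box)
        print(f"{name:8s} CCV={m['CCV']:.4f} MCC={m['MCC']:.4f} over {m['pairs']} key pairs")
```

For the identity S-box the coefficient reduces to kappa = HW(k_i ^ k_j), which is a convenient sanity check: MCC is 1 and CCV is the variance of the Hamming weight over the 15 non-zero differences. A bijective S-box with a larger MCC keeps every pair of key hypotheses apart in the Hamming-weight leakage space.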

2018 ◽  
Vol 5 (2) ◽  
Author(s):  
Joseph Lange ◽  
Clément Massart ◽  
André Mouraux ◽  
François-Xavier Standaert

2014 ◽  
Vol 1044-1045 ◽  
pp. 1498-1502 ◽  
Author(s):  
Hong Sheng Wang ◽  
Dao Gang Ji ◽  
Yang Zhang ◽  
Kai Yan Chen ◽  
Kai Song

Cipher chips, such as microprocessors, play an important role in most cryptosystems and implement many public cryptographic algorithms. However, side-channel attacks pose serious threats to cipher chips. The optical side-channel attack is a new kind of attack against cipher chips. Two methods are presented in this paper, showing how to implement optical fault injection attacks against the RSA and AES algorithms running on an AT89C52 microcontroller, and demonstrating how secret information can be extracted from the device under attack.


Author(s):  
Shaminder Kaur ◽  
Balwinder Singh ◽  
Harsimran Jit Kaur

Embedded systems have a plethora of security solutions and encryption protocols that can protect them against a multitude of attacks. Hardware engineers invest a lot of time and effort in implementing cryptographic algorithms while keeping the analysis of design constraints in mind. When it comes to designs for potentially hostile environments, engineers face the challenge of building embedded systems that resist a class of attacks called side-channel attacks. Therefore, there is a strong need to address issues related to side-channel attacks. This chapter provides an insight into the field of hardware security, a detailed investigation of the various types of side-channel attacks, and a better understanding of various power analysis tools, which will give researchers a vision for building efficient and secure systems that thwart such attacks. The chapter focuses mainly on passive attacks rather than active attacks, since passive attacks are easy to perform and a lot of research is ongoing on them.


2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Omar Abou Selo ◽  
Maan Haj Rachid ◽  
Abdullatif Shikfa ◽  
Yongge Wang ◽  
Qutaibah Malluhi

Private Function Evaluation (PFE) is the problem of evaluating one party's private data using a private function owned by another party. Existing solutions for PFE are based on universal circuits evaluated in secure multiparty computation or on hiding the circuit's topology and the gates' functionality through additive homomorphic encryption. These solutions, however, are not efficient enough for practical use; hence there is a need for more efficient techniques. This work looks at utilizing the Intel Software Guard Extensions platform (SGX) to provide a more practical solution for PFE in which the privacy of both the data and the function is preserved. Notably, our solution carefully avoids the pitfalls of side-channel attacks on SGX. We present solutions for two different scenarios: the first is when the function's owner has an SGX-enabled device, and the other is when a third party (or one of the data owners) has the SGX capability. Our results show a clear expected advantage in running time for the first case over the second. Investigating the slowdown in the second case traces it to the garbling time, which constitutes more than 60% of the consumed time. Both solutions clearly outperform FairplayPF in our tests.


Author(s):  
Diego F. Aranha ◽  
Sebastian Berndt ◽  
Thomas Eisenbarth ◽  
Okan Seker ◽  
Akira Takahashi ◽  
...  

We study masking countermeasures for side-channel attacks against signature schemes constructed from the MPC-in-the-head paradigm, specifically when the MPC protocol uses preprocessing. This class of signature schemes includes Picnic, an alternate candidate in the third round of the NIST post-quantum standardization project. The only previously known approach to masking MPC-in-the-head signatures suffers from interoperability issues and increased signature sizes. Further, we present a new attack to demonstrate that known countermeasures are not sufficient when the MPC protocol uses a preprocessing phase, as in Picnic3. We overcome these challenges by showing how to mask the underlying zero-knowledge proof system due to Katz–Kolesnikov–Wang (CCS 2018) for any masking order, and by formally proving that our approach meets the standard security notions of non-interference for masking countermeasures. As a case study, we apply our masking technique to Picnic. We then implement different masked versions of Picnic signing providing first-order protection on the ARM Cortex-M4 platform, and quantify the overhead of these different masking approaches. We carefully analyze the side-channel risk of hashing operations, and give optimizations that reduce the CPU cost of protecting hashing in Picnic by a factor of five. The performance penalties of the masking countermeasures ranged from factors of 1.8 to 5.5, depending on the degree of masking applied to hash function invocations.


Author(s):  
Martin Hell ◽  
Oskar Westman

Side-channel attacks on cryptographic algorithms target the implementation of the algorithm. Information can leak from the implementation in several different ways and, in this paper, electromagnetic radiation from an FPGA is considered. We examine to what extent key information from an AES implementation can be deduced using a low-end oscilloscope. Moreover, we examine how the antenna's distance from the FPGA affects the results in this setting. Our experiments show that some key bits can indeed be inferred from the measurements, despite a far from optimal setting.


10.29007/hhnf ◽  
2018 ◽  
Author(s):  
Inès Ben El Ouahma ◽  
Quentin Meunier ◽  
Karine Heydemann ◽  
Emmanuelle Encrenaz

Masking is a popular countermeasure against side-channel attacks that randomizes secret data with uniformly random variables called masks. At the software level, masking is usually added in the source code, and its effectiveness needs to be verified. In this paper, we propose a symbolic method to verify the side-channel robustness of masked programs. The analysis is performed at the assembly level, since compilation and optimizations may alter the added protections. Our proposed method aims to verify that intermediate computations are statistically independent of secret variables, using defined distribution inference rules. We verify the first round of a masked AES in 22 s and show that some secure algorithms or source codes are not leakage-free in their assembly implementations.
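The property the paper verifies symbolically, that every intermediate value is statistically independent of the secret, can be checked by brute force on small toy programs, which makes the failure mode concrete. The following is an added example and not the authors' tool or inference rules: it enumerates all secrets and all masks for 4-bit values, tabulates the distribution of each intermediate conditioned on the secret, and reports an intermediate as leaking if any two conditional distributions differ. The three toy "programs" (a correctly masked XOR with a constant, a variant in which the shares are recombined before the constant is applied, as a compiler or an optimisation might do, and a share-wise AND without cross terms) are constructed for illustration; their names are hypothetical.

```python
"""Exhaustive first-order independence check for masked intermediates (4-bit toy).

Added example, not the paper's symbolic verifier. Assumption: a "program" is a
Python function program(secret, *masks) returning an ordered dict of every
intermediate value it computes, in program order.
"""
from collections import Counter
from itertools import product

BITS = 4


def is_secret_independent(intermediate, n_masks: int, bits: int = BITS) -> bool:
    """True iff the distribution of intermediate(secret, *masks), with masks uniform,
    is identical for every value of secret (first-order probing security of that value)."""
    dists = []
    for secret in range(1 << bits):
        counts = Counter(
            intermediate(secret, *masks)
            for masks in product(range(1 << bits), repeat=n_masks)
        )
        dists.append(counts)
    return all(d == dists[0] for d in dists[1:])


def audit(program, n_masks: int) -> list:
    """Return the names of the intermediates of `program` that depend on the secret."""
    names = list(program(0, *([0] * n_masks)).keys())
    leaking = []
    for name in names:
        probe = lambda s, *m, name=name: program(s, *m)[name]
        if not is_secret_independent(probe, n_masks):
            leaking.append(name)
    return leaking


# Constructed toy programs. Secret s is split into shares (s ^ m, m).

def masked_xor_program(s, m, c=0b1011):
    """Source-level intent: apply a public constant c to share 0 only."""
    share0 = s ^ m
    share1 = m
    t0 = share0 ^ c
    return {"share0": share0, "share1": share1, "t0": t0}


def recombined_program(s, m, c=0b1011):
    """Same result, but the shares are recombined first: r == s is computed in the clear."""
    share0 = s ^ m
    share1 = m
    r = share0 ^ share1
    return {"share0": share0, "share1": share1, "r": r, "t0": r ^ c}


def naive_masked_and(s, m):
    """Share-wise AND without the cross terms of a proper masked-AND gadget."""
    share0 = s ^ m
    share1 = m
    a0 = share0 & share1   # (s ^ m) & m: its distribution changes with s
    return {"share0": share0, "a0": a0}


if __name__ == "__main__":
    for prog in (masked_xor_program, recombined_program, naive_masked_and):
        print(f"{prog.__name__:22s} leaking intermediates: {audit(prog, 1)}")
```

The exhaustive check costs 2^(bits * (1 + n_masks)) evaluations per intermediate, so it is only practical for toy sizes; the paper's distribution inference rules exist precisely to scale this kind of reasoning to real assembly code. Note that `recombined_program` and `masked_xor_program` compute the same function of the secret, which is why checking the source-level algorithm is not enough and the check has to run on what the compiler actually emitted.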


2021 ◽  
Author(s):  
Nilupulee A. Gunathilake ◽  
Ahmed Al-Dubai ◽  
William J. Buchanan ◽  
Owen Lo

Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, continuous observation of physical leakages is essential to minimise vulnerabilities associated with cryptographic functions. Lightweight cryptography is a novel approach in progress towards internet-of-things (IoT) security. Thus, it would provide sufficient data and privacy protection in such a constrained ecosystem. IoT devices are resource-limited in terms of data rates (in kbps), power maintainability (battery) as well as hardware and software footprints (physical size, internal memory, RAM/ROM). Due to the difficulty of handling conventional cryptographic algorithms, lightweight ciphers consist of small key sizes, small block sizes and few operational rounds. Unlike in the past, the affordability of performing side-channel attacks using inexpensive electronic circuitry is becoming a reality. Hence, cryptanalysis of physical leakage in these emerging ciphers is crucial. Among existing studies, power analysis seems to have received enough attention in research, whereas other aspects such as electromagnetic, timing, cache and optical attacks continue to be appropriately evaluated to play a role in forensic analysis. As a result, we started analysing the electromagnetic emission leakage of an ultra-lightweight block cipher, PRESENT. According to the literature, PRESENT promises to be adequate for IoT devices, and there still seems to be no work regarding correlation electromagnetic analysis (CEMA) of it. Firstly, we conducted simple electromagnetic analysis in both the time and frequency domains and then proceeded towards CEMA attack modelling. This paper provides a summary of the related literature (IoT, lightweight cryptography, side-channel attacks and EMA), our methodology, current outcomes and future plans for the optimised results.
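Both this abstract (CEMA on PRESENT) and the Hell and Westman abstract above (EM traces of AES from an FPGA) rely on the same attack step: correlating a leakage model for each key hypothesis against measured traces. The following is an added example, not the authors' measurement setup or code: real EM traces are replaced by constructed leakage, the Hamming weight of the first-round PRESENT S-box output plus Gaussian noise, one sample per trace, so the correlation step of CEMA/CPA can be run offline. The S-box is the public PRESENT constant; the noise level, trace count and the choice of the S-box output as the leaking intermediate are assumptions of the simulation, and in a real attack the sample would have to be located in the trace first (the "simple EMA" step the abstract describes).

```python
"""Simulated correlation electromagnetic analysis (CEMA) of one PRESENT key nibble.

Added example, not the authors' setup. Assumption: the probe sees HW(S(p ^ k)) plus
Gaussian noise at the S-box output instant; the attacker knows the plaintext nibble p.
Pure Python, no NumPy, so it runs anywhere.
"""
import math
import random

# PRESENT S-box (4-bit), a public constant.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hamming_weight(v: int) -> int:
    return bin(v).count("1")


def simulate_traces(key_nibble: int, n_traces: int, noise_sigma: float, seed: int = 1):
    """Constructed leakage: returns (plaintext nibbles, one leakage sample per trace)."""
    rng = random.Random(seed)
    plaintexts = [rng.randrange(16) for _ in range(n_traces)]
    leakage = [
        hamming_weight(PRESENT_SBOX[p ^ key_nibble]) + rng.gauss(0.0, noise_sigma)
        for p in plaintexts
    ]
    return plaintexts, leakage


def pearson(xs, ys) -> float:
    """Pearson correlation coefficient; 0.0 if either series is constant."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0.0 or vy == 0.0:
        return 0.0
    return cov / math.sqrt(vx * vy)


def cema_rank(plaintexts, leakage):
    """For each of the 16 key hypotheses, predict HW(S(p ^ guess)) per trace and
    correlate the prediction with the measured samples. Returns a list of
    (|rho|, guess) sorted from the best-correlated hypothesis downwards."""
    scores = []
    for guess in range(16):
        prediction = [hamming_weight(PRESENT_SBOX[p ^ guess]) for p in plaintexts]
        scores.append((abs(pearson(prediction, leakage)), guess))
    scores.sort(reverse=True)
    return scores


def recover_key_nibble(plaintexts, leakage) -> int:
    return cema_rank(plaintexts, leakage)[0][1]


if __name__ == "__main__":
    true_key = 0x9
    for sigma in (0.0, 0.5, 2.0):
        p, l = simulate_traces(true_key, 500, sigma)
        ranking = cema_rank(p, l)
        rank_of_true = [g for _, g in ranking].index(true_key)
        print(f"sigma={sigma:3.1f} best={ranking[0][1]:#x} |rho|={ranking[0][0]:.3f} "
              f"true key rank={rank_of_true}")
```

The gap between the correct hypothesis and the runner-up is what the confusion-coefficient metrics of the first abstract on this page try to capture: two key guesses whose S-box-output Hamming weights are nearly equal for every plaintext produce nearly the same correlation and need many more traces to separate. Raising `noise_sigma` or lowering `n_traces` in the simulation shows the correct key sliding down the ranking, which is the behaviour a real CEMA sees as the probe is moved away from the chip.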

