Charge Based Power Side-Channel Attack Methodology for an Adiabatic Cipher

SIMON is a block cipher developed to provide flexible security options for lightweight hardware applications such as the Internet-of-things (IoT). Safeguarding such resource-constrained hardware from side-channel attacks poses a significant challenge. Adiabatic circuit operation has recently received attention for such applications due to ultra-low power consumption. In this work, a charge-based methodology is developed to mount a correlation power analysis (CPA) based side-channel attack to an adiabatic SIMON core. The charge-based method significantly reduces the attack complexity by reducing the required number of power samples by two orders of magnitude. The CPA results demonstrate that the required measurements-to-disclosure (MTD) to retrieve the secret key of an adiabatic SIMON core is 4× higher compared to a conventional static CMOS based implementation. The effect of increase in the target signal load capacitance on the MTD is also investigated. It is observed that the MTD can be reduced by half if the load driven by the target signal is increased by 2× for an adiabatic SIMON, and by 5× for a static CMOS based SIMON. This sensitivity to target signal capacitance of the adiabatic SIMON can pose a serious concern by facilitating a more efficient CPA attack.

Download Full-text

Mitigating the Side Channel Power Analysis Attacks using New Variable Mapping Substitution Technique

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d4389.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 10863-10868

Keyword(s):

Power Analysis ◽

Linear Feedback ◽

Side Channel ◽

Analysis Tool ◽

Secret Key ◽

Side Channel Attack ◽

Channel Power ◽

Architectural Change ◽

Variable Mapping ◽

Differential Properties

Side-channel attack has been a real threat against many cryptographic embedded systems. In this attack, the internal data is retrieved directly by analyzing the power magnitude according to the fact that there is a considerable difference in power when manipulating 0’s and 1’s. A commonly used algorithmic countermeasures incur large execution delay and resources overheads. In this paper, a novel technique using Variable Mapping Substitution (VMS) is proposed for mitigating side channel power analysis attack against Advanced Encryption Standard (AES). VMS-AES is a novel AES-like algorithm which uses Linear Feedback Shift Register (LFSR) to generate the required parameters used to remap the values of substitution box (S-box) randomly to another location depending on a secret key. This remapping also keeps the same good linear and differential properties of the AES S-box. VMS-AES algorithm can be easily deployed in most embedded applications because no architectural change is needed and only software modifications are performed. In our proposal, chipwisperer side channel attack analysis tool is used to verify the effectiveness of the proposed algorithm. Also VMS-AES with different number of rounds is evaluated using three methods: NIST statistical suite tests, correlation coefficient analysis, and cryptographic parameters evaluation to study the effects of this change upon the AES security

Download Full-text

Scan-Based Side-Channel Attack on the Camellia Block Cipher Using Scan Signatures

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.e98.a.2547 ◽

2015 ◽

Vol E98.A (12) ◽

pp. 2547-2555 ◽

Cited By ~ 2

Author(s):

Huiqian JIANG ◽

Mika FUJISHIRO ◽

Hirokazu KODERA ◽

Masao YANAGISAWA ◽

Nozomu TOGAWA

Keyword(s):

Block Cipher ◽

Side Channel ◽

Side Channel Attack

Download Full-text

A Comprehensive Study of the Key Enumeration Problem

Entropy ◽

10.3390/e21100972 ◽

2019 ◽

Vol 21 (10) ◽

pp. 972 ◽

Cited By ~ 2

Author(s):

Ricardo Villanueva-Polanco

Keyword(s):

Main Memory ◽

Side Channel ◽

Secret Key ◽

Side Channel Attack ◽

Enumeration Algorithm ◽

Key Recovery ◽

Recovery Algorithm ◽

Enumeration Problem ◽

Enumeration Algorithms ◽

Recovery Problem

In this paper, we will study the key enumeration problem, which is connected to the key recovery problem posed in the cold boot attack setting. In this setting, an attacker with physical access to a computer may obtain noisy data of a cryptographic secret key of a cryptographic scheme from main memory via this data remanence attack. Therefore, the attacker would need a key-recovery algorithm to reconstruct the secret key from its noisy version. We will first describe this attack setting and then pose the problem of key recovery in a general way and establish a connection between the key recovery problem and the key enumeration problem. The latter problem has already been studied in the side-channel attack literature, where, for example, the attacker might procure scoring information for each byte of an Advanced Encryption Standard (AES) key from a side-channel attack and then want to efficiently enumerate and test a large number of complete 16-byte candidates until the correct key is found. After establishing such a connection between the key recovery problem and the key enumeration problem, we will present a comprehensive review of the most outstanding key enumeration algorithms to tackle the latter problem, for example, an optimal key enumeration algorithm (OKEA) and several nonoptimal key enumeration algorithms. Also, we will propose variants to some of them and make a comparison of them, highlighting their strengths and weaknesses.

Download Full-text

Efficient implementation of power analysis attack resistant advanced encryption standard algorithm on side-channel attack standard evaluation board

International Journal of Internet Technology and Secured Transactions ◽

10.1504/ijitst.2016.080392 ◽

2016 ◽

Vol 6 (3) ◽

pp. 203

Author(s):

Massoud Masoumi ◽

Pouya Habibi ◽

Ali Dehghan ◽

Mohammad Jadidi ◽

Leila Yousefi

Keyword(s):

Power Analysis ◽

Efficient Implementation ◽

Advanced Encryption Standard ◽

Side Channel ◽

Side Channel Attack ◽

Standard Algorithm ◽

Evaluation Board ◽

Power Analysis Attack

Download Full-text

Scan-Based Side-Channel Attack on the LED Block Cipher Using Scan Signatures

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.e97.a.2434 ◽

2014 ◽

Vol E97.A (12) ◽

pp. 2434-2442 ◽

Cited By ~ 2

Author(s):

Mika FUJISHIRO ◽

Masao YANAGISAWA ◽

Nozomu TOGAWA

Keyword(s):

Block Cipher ◽

Side Channel ◽

Side Channel Attack

Download Full-text

Comprehensive Study of Side-Channel Attack on Emerging Non-Volatile Memories

Journal of Low Power Electronics and Applications ◽

10.3390/jlpea11040038 ◽

2021 ◽

Vol 11 (4) ◽

pp. 38

Author(s):

Mohammad Nasim Imtiaz Khan ◽

Shivam Bhasin ◽

Bo Liu ◽

Alex Yuan ◽

Anupam Chattopadhyay ◽

...

Keyword(s):

High Performance ◽

Spin Transfer Torque ◽

Spin Transfer ◽

Side Channel ◽

Secret Key ◽

Side Channel Attack ◽

Static Power ◽

High Scalability ◽

Power Operation ◽

Comprehensive Study

Emerging Non-Volatile Memories (NVMs) such as Magnetic RAM (MRAM), Spin-Transfer Torque RAM (STTRAM), Phase Change Memory (PCM) and Resistive RAM (RRAM) are very promising due to their low (static) power operation, high scalability and high performance. However, these memories bring new threats to data security. In this paper, we investigate their vulnerability against Side Channel Attack (SCA). We assume that the adversary can monitor the supply current of the memory array consumed during read/write operations and recover the secret key of Advanced Encryption Standard (AES) execution. First, we show our analysis of simulation results. Then, we use commercial NVM chips to validate the analysis. We also investigate the effectiveness of encoding against SCA on emerging NVMs. Finally, we summarize two new flavors of NVMs that can be resilient against SCA. To the best of our knowledge, this is the first attempt to do a comprehensive study of SCA vulnerability of the majority of emerging NVM-based cache.

Download Full-text

An Efficient Correlation Power Analysis Attack Using Variational Mode Decomposition

JST: Smart Systems and Devices ◽

10.51316/jst.150.ssad.2021.31.1.3 ◽

2020 ◽

Vol 31 (1) ◽

pp. 17-25

Keyword(s):

Power Analysis ◽

Side Channel ◽

Variational Mode Decomposition ◽

Secret Key ◽

Intrinsic Mode Functions ◽

Side Channel Attacks ◽

Mode Decomposition ◽

Noisy Conditions ◽

Correlation Power Analysis ◽

Evaluation Board

Side channel attacks (SCAs) are now a real threat to cryptographic devices and correlation power analysis (CPA) is the most powerful attack. So far, a CPA attack usually exploits the leakage information from raw power consumption traces that collected from the attack device. In real attack scenarios, these traces collected from measurement equipment are usually contaminated by noise resulting in a decrease in attack efficiency. In this paper, we propose a variant CPA attack that exploits the leakage information from intrinsic mode functions (IMFs) of the power traces. These IMFs are the results of the variational mode decomposition (VMD) process on the raw power traces. This attack technique decreases the number of power traces for correctly recovering the secret key by approximately 13% in normal conditions and 60% in noisy conditions compared to a traditional CPA attack. Experiments were performed on power traces of AES-128 implemented in both microcontroller and FPGA by Sakura-G/W side channel evaluation board to verify the effectiveness of our method.

Download Full-text

The Hardware Implementation of a Lightweight Block Cipher Algorithm and a Message Authentication Algorithm

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.546-547.1489 ◽

2012 ◽

Vol 546-547 ◽

pp. 1489-1494

Author(s):

Yi Kun Hu ◽

Zun Yang Qin

Keyword(s):

Hardware Implementation ◽

Block Cipher ◽

Side Channel ◽

Message Authentication ◽

Side Channel Attack ◽

Side Channel Attacks ◽

Processing Efficiency ◽

New Family ◽

Lightweight Block Cipher ◽

Lightweight Cipher

Among the block cipher algorithms, AES or DES is an excellent and preferred choice for most block cipher applications. But AES and DES are not very suitable for hardware implementation because of the high cost that they require large areas of routing and the processing efficiency is low, relatively. So lightweight cipher algorithms come into beings, among which PRESENT is very competitive. Along with the structure of a message authentication algorithm ALRED, a new family of Tunable Lightweight MAC based on PRESENT is proposed, that is TuLP. However, PRESENT is not able to resist side channel attack, so is TuLP, of course. For the above reason, in this paper, we provide an improvement of PRESENT by inserting random dummy cycles as well as shuffling to strengthen the security of PRESENT against side channel attacks. We will implement PRESENT and TuLP in Verilog and do simulation on Xilinx ISim platform. At last, we would like to provide the power analyzing of Xilinx XPower.

Download Full-text

SITM: See-In-The-Middle Side-Channel Assisted Middle Round Differential Cryptanalysis on SPN Block Ciphers

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2020.i1.95-122 ◽

2019 ◽

pp. 95-122

Author(s):

Shivam Bhasin ◽

Jakub Breier ◽

Xiaolu Hou ◽

Dirmanto Jap ◽

Romain Poussier ◽

...

Keyword(s):

Block Cipher ◽

State Of The Art ◽

Block Ciphers ◽

Differential Cryptanalysis ◽

Side Channel ◽

Secret Key ◽

Side Channel Analysis ◽

Cryptographic Algorithms ◽

Channel Analysis ◽

Symmetric Block

Side-channel analysis constitutes a powerful attack vector against cryptographic implementations. Techniques such as power and electromagnetic side-channel analysis have been extensively studied to provide an efficient way to recover the secret key used in cryptographic algorithms. To protect against such attacks, countermeasure designers have developed protection methods, such as masking and hiding, to make the attacks harder. However, due to significant overheads, these protections are sometimes deployed only at the beginning and the end of encryption, which are the main targets for side-channel attacks.In this paper, we present a methodology for side-channel assisted differential cryptanalysis attack to target middle rounds of block cipher implementations. Such method presents a powerful attack vector against designs that normally only protect the beginning and end rounds of ciphers. We generalize the attack to SPN based ciphers and calculate the effort the attacker needs to recover the secret key. We provide experimental results on 8-bit and 32-bit microcontrollers. We provide case studies on state-of-the-art symmetric block ciphers, such as AES, SKINNY, and PRESENT. Furthermore, we show how to attack shuffling-protected implementations.

Download Full-text

A Side-Channel Attack on a Masked IND-CCA Secure Saber KEM Implementation

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2021.i4.676-707 ◽

2021 ◽

pp. 676-707

Author(s):

Kalle Ngo ◽

Elena Dubrova ◽

Qian Guo ◽

Thomas Johansson

Keyword(s):

Error Correcting Codes ◽

Side Channel ◽

Secret Key ◽

Side Channel Attack ◽

Order Model ◽

Session Key ◽

Key Recovery ◽

Message Recovery ◽

Recovery Approach

In this paper, we present a side-channel attack on a first-order masked implementation of IND-CCA secure Saber KEM. We show how to recover both the session key and the long-term secret key from 24 traces using a deep neural network created at the profiling stage. The proposed message recovery approach learns a higher-order model directly, without explicitly extracting random masks at each execution. This eliminates the need for a fully controllable profiling device which is required in previous attacks on masked implementations of LWE/LWR-based PKEs/KEMs. We also present a new secret key recovery approach based on maps from error-correcting codes that can compensate for some errors in the recovered message. In addition, we discovered a previously unknown leakage point in the primitive for masked logical shifting on arithmetic shares.

Download Full-text