A Masking-based ARIA Implementation Suitable for Low-Memory Environments

A Secure Masking-based ARIA Countermeasure for Low Memory Environment Resistant to Differential Power Attack

  • Published: 2006.06.01


This paper proposes an efficient masking technique for ARIA, the Korean national standard block cipher. Unlike existing masking techniques, which mask each of ARIA's four S-boxes separately, the proposed implementation uses only a single masked table, and experiments confirm that it is secure against first-order DPA. With the proposed inverse-table method, building the inverse table is expensive, but when masking is performed many times the same table is reused for every lookup, so the overall computation speed improves substantially.

ARIA is a 128-bit block cipher that became a Korean standard in 2004. Recent research has shown that an unprotected implementation of this cipher can be broken by a first-order DPA attack. In this paper, we propose a new masking technique as a countermeasure against first-order DPA and apply it to ARIA. The proposed method is suitable for low-memory environments. We verified experimentally that the masked implementation is secure against first-order DPA. In addition, because our method is based on precomputing a single inverse table, its computational cost per masked S-box evaluation decreases as the number of masked S-box evaluations increases.
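The single-table idea behind both abstracts, illustrated with added code that is not the paper's own (the page gives no construction, so this is one way to realise it): ARIA's S1 is the AES S-box, an affine map applied to x^-1 in GF(2^8), and the non-linear core of S2 is x^247, which equals (x^-1)^8; since y -> y^8 is GF(2)-linear, every one of the four S-boxes is "affine layer, inversion, affine layer". A single masked inversion table T[x ^ m_in] = x^-1 ^ m_out therefore serves all of them, with the affine layers applied to the share and to the mask alike. The block below reproduces S1 and S1^-1 exactly and handles S2's power map; ARIA's own output affine layer for S2 (the matrix B and constant b) is not reproduced and would be applied exactly as S1's is. The function names, the use of `secrets` for masks and the four-trial self-check are the example's own choices.

```python
"""One masked GF(2^8) inversion table serving ARIA-style S-boxes (illustrative, not the paper's code)."""
import secrets

POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the field polynomial shared by AES and ARIA


def gf_mul(a: int, b: int) -> int:
    """Multiplication in GF(2^8) modulo POLY (shift-and-add)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def gf_pow(x: int, e: int) -> int:
    """x^e in GF(2^8) by square-and-multiply."""
    r, base = 1, x
    while e:
        if e & 1:
            r = gf_mul(r, base)
        base = gf_mul(base, base)
        e >>= 1
    return r


# Plain inversion table (inv(0) := 0), i.e. x^254: the only non-linear map that needs a table.
INV = [gf_pow(x, 254) if x else 0 for x in range(256)]


def rotl8(v: int, n: int) -> int:
    return ((v << n) | (v >> (8 - n))) & 0xFF


def aes_lin(y: int) -> int:
    """Linear part of the AES (= ARIA S1) output affine layer."""
    return y ^ rotl8(y, 1) ^ rotl8(y, 2) ^ rotl8(y, 3) ^ rotl8(y, 4)


def aes_lin_inv(y: int) -> int:
    """Linear part of the inverse of that affine layer (constant is 0x05)."""
    return rotl8(y, 1) ^ rotl8(y, 3) ^ rotl8(y, 6)


def pow8(y: int) -> int:
    """y -> y^8, three squarings. GF(2)-linear: (a ^ b)^8 == a^8 ^ b^8."""
    return gf_pow(y, 8)


# Unmasked reference S-boxes, used only to check the masked versions below.
def s1(x: int) -> int:        # ARIA S1 is exactly the AES S-box
    return aes_lin(INV[x]) ^ 0x63


def s1_inv(x: int) -> int:
    return INV[aes_lin_inv(x ^ 0x63)]


def s2_core(x: int) -> int:   # non-linear core of ARIA S2; its output affine layer (B, b) is omitted here
    return gf_pow(x, 247)


def masked_inv_table(m_in: int, m_out: int) -> list:
    """T[x ^ m_in] = INV[x] ^ m_out. Built once per encryption with fresh masks and then
    reused for every S-box lookup: 256 bytes instead of one masked table per S-box."""
    t = [0] * 256
    for x in range(256):
        t[x ^ m_in] = INV[x] ^ m_out
    return t


def masked_s1(x_m, m, t, m_in, m_out):
    """Input share x_m = x ^ m. Returns (S1(x) ^ m', m') without ever rebuilding x:
    the mask switch m -> m_in combines the two masks first, then touches the share."""
    y_m = t[x_m ^ (m ^ m_in)]                   # = INV[x] ^ m_out
    return aes_lin(y_m) ^ 0x63, aes_lin(m_out)  # affine layer applied to share and mask alike


def masked_s1_inv(x_m, m, t, m_in, m_out):
    z_m = aes_lin_inv(x_m ^ 0x63)               # = aes_lin_inv(x ^ 0x63) ^ aes_lin_inv(m)
    y_m = t[z_m ^ (aes_lin_inv(m) ^ m_in)]      # = INV[aes_lin_inv(x ^ 0x63)] ^ m_out
    return y_m, m_out


def masked_s2_core(x_m, m, t, m_in, m_out):
    y_m = t[x_m ^ (m ^ m_in)]                   # = x^-1 ^ m_out, same table as S1
    return pow8(y_m), pow8(m_out)               # (x^-1 ^ m_out)^8 = x^247 ^ m_out^8


def frobenius_identity_holds() -> bool:
    """x^247 == (x^-1)^8 for every x: the reason S2 needs no table of its own."""
    return all(gf_pow(x, 247) == pow8(INV[x]) for x in range(256))


def masked_boxes_correct(trials: int = 4) -> bool:
    """Unmask every masked result and compare with the reference S-boxes under random masks."""
    for _ in range(trials):
        m_in, m_out = secrets.randbelow(256), secrets.randbelow(256)
        t = masked_inv_table(m_in, m_out)
        for x in range(256):
            m = secrets.randbelow(256)
            for box, ref in ((masked_s1, s1), (masked_s1_inv, s1_inv), (masked_s2_core, s2_core)):
                v_m, m_o = box(x ^ m, m, t, m_in, m_out)
                if v_m ^ m_o != ref(x):
                    return False
    return True


if __name__ == "__main__":
    print("x^247 == (x^-1)^8 for all x:", frobenius_identity_holds())
    print("masked S1, S1^-1 and S2 core agree with references:", masked_boxes_correct())
```

Two points a practitioner would check: the remasking step XORs the old and new masks together before the result is applied to the share, so the unmasked byte never exists as an intermediate, and the table is rebuilt with fresh (m_in, m_out) once per encryption and then reused for all S-box lookups, which is the amortisation the abstract describes. A functional check like this says nothing about leakage; first-order resistance has to be established by measurement, as the paper does.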



  1. Paul Kocher, Joshua Jaffe, and Benjamin Jun, 'Differential Power Analysis,' in proceedings of Advances in Cryptology - CRYPTO '99, LNCS 1666, pp. 388-397, Springer-Verlag, 1999
  2. Daesung Kwon et al., 'New Block Cipher: ARIA,' in proceedings of ICISC 2003, LNCS 2971, Springer-Verlag, 2004
  3. JaeCheol Ha, ChangKyun Kim, SangJae Moon, IlHwan Park, and HyungSo Yoo, 'Differential Power Analysis on Block Cipher ARIA,' in proceedings of HPCC 2005, LNCS 3726, pp. 541-548, Springer-Verlag, 2005
  4. Thomas S. Messerges, 'Power Analysis Attacks and Countermeasures for Cryptographic Algorithms,' Ph.D. Thesis, 2000
  5. Mehdi-Laurent Akkar and Christophe Giraud, 'An Implementation of DES and AES, Secure against Some Attacks,' in proceedings of CHES 2001, LNCS 2162, pp. 309-318, Springer-Verlag, 2001
  6. Elena Trichina, Domenico De Seta, and Lucia Germani, 'Simplified Adaptive Multiplicative Masking for AES,' in proceedings of CHES 2002, LNCS 2523, pp. 187-197, Springer-Verlag, 2003
  7. Johannes Blömer, Jorge Guajardo, and Volker Krummel, 'Provably Secure Masking of AES,' in proceedings of SAC 2004, LNCS 3357, pp. 69-83, Springer-Verlag, 2005
  8. Jovan D. Golić and Christophe Tymen, 'Multiplicative Masking and Power Analysis of AES,' in proceedings of CHES 2002, LNCS 2523, pp. 198-212, Springer-Verlag, 2003
  9. Louis Goubin and Jacques Patarin, 'DES and Differential Power Analysis - The Duplication Method,' in proceedings of CHES 1999, LNCS 1717, pp. 158-172, Springer-Verlag, 1999
  10. Kris Tiri, Moonmoon Akmal, and Ingrid Verbauwhede, 'A Dynamic and Differential CMOS Logic with Signal Independent Power Consumption to Withstand Differential Power Analysis on Smart Cards,' in proceedings of ESSCIRC 2002, 2002
  11. Kris Tiri and Ingrid Verbauwhede, 'Securing Encryption Algorithms against DPA at the Logic Level: Next Generation Smart Card Technology,' in proceedings of CHES 2003, LNCS 2779, pp. 125-136, Springer-Verlag, 2003
  12. Louis Goubin, 'A Sound Method for Switching between Boolean and Arithmetic Masking,' in proceedings of CHES 2001, LNCS 2162, pp. 3-15, Springer-Verlag, 2001
  13. Stefan Mangard, 'Hardware Countermeasures against DPA - A Statistical Analysis of Their Effectiveness,' in proceedings of CT-RSA 2004, LNCS 2964, pp. 222-235, Springer-Verlag, 2004