A Study on Rekeying and Sponged-based Scheme against Side Channel Attacks

(Korean title: A Study on Rekeying Techniques for Countering Side-Channel Attacks)

  • Phuc, Tran Song Dat (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Lee, Changhoon (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Received : 2018.02.16
  • Accepted : 2018.03.25
  • Published : 2018.03.31

Abstract

Simple Power Analysis (SPA) and Differential Power Analysis (DPA) are side-channel attacks (SCA) introduced in 1999 by Kocher et al. [2]. In SPA the adversary recovers key material directly by inspecting a single measurement trace (e.g. power consumption or electromagnetic radiation). DPA is a more sophisticated attack in which the leakage of many measurement traces (e.g. different plaintexts encrypted under the same key) is combined statistically to recover the key. Defending against SPA and DPA is difficult, because countermeasures essentially only reduce the signal the adversary reads rather than remove it. This paper studies the security of the ISAP scheme [1] against passive side-channel attacks such as SPA and DPA, and surveys the current approaches to SCA resistance based on re-keying techniques and sponge constructions. We also propose an improved ISAP scheme that provides more secure encryption and authentication based on secure re-keying and sponge functions.
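The abstract describes the precondition DPA relies on (many traces under one key) and the countermeasure re-keying removes. The simulation below is an added example written for this page, not code from the paper or from ISAP: it mounts a correlation-style DPA on a toy 4-bit S-box (PRESENT's S-box, chosen only to keep the key space small) under a Hamming-weight leakage model with Gaussian noise, first with a fixed key and then with a fresh session key per message. SHA-256 stands in for the re-keying function g(k, r) purely for illustration; the master key, nonces and noise level are constructed values.

```python
"""Toy DPA simulation with and without fresh re-keying (added example)."""
import hashlib
import random

# PRESENT's 4-bit S-box: a small target so all 16 key guesses can be listed.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def session_key(master_key: bytes, nonce: bytes) -> int:
    """Fresh re-keying k* = g(k, r). SHA-256 is an assumption standing in
    for g; real schemes pick a g that is cheap to protect against DPA."""
    return hashlib.sha256(master_key + nonce).digest()[0] & 0xF


def simulate_traces(n, key_nibble, rekey, master_key, rng, sigma=1.0):
    """Leakage of one S-box lookup: HW(S[p ^ k]) + N(0, sigma^2).
    rekey=False: the same key k for every trace (the DPA setting).
    rekey=True: k is a fresh session key derived from a public nonce."""
    plaintexts, leaks = [], []
    for i in range(n):
        p = rng.randrange(16)
        k = session_key(master_key, i.to_bytes(4, "big")) if rekey else key_nibble
        plaintexts.append(p)
        leaks.append(hamming_weight(SBOX[p ^ k]) + rng.gauss(0.0, sigma))
    return plaintexts, leaks


def pearson(xs, ys):
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / (vx * vy) ** 0.5


def cpa(plaintexts, leaks):
    """DPA step: combine all traces by correlating the hypothetical
    HW(S[p ^ guess]) with the measured leakage, for every key guess.
    Returns (guess, correlation) pairs, best first."""
    scores = []
    for guess in range(16):
        hyp = [hamming_weight(SBOX[p ^ guess]) for p in plaintexts]
        scores.append((guess, pearson(hyp, leaks)))
    scores.sort(key=lambda gc: -gc[1])
    return scores


def run(rekey, n_traces=2000, seed=1):
    """Run the attack; returns (true key nibble, ranked guesses)."""
    rng = random.Random(seed)
    master_key = b"\x2b\x7e\x15\x16"  # constructed toy master key
    true_key = 0xA                    # constructed fixed-key scenario
    pts, leaks = simulate_traces(n_traces, true_key, rekey, master_key, rng)
    return true_key, cpa(pts, leaks)


if __name__ == "__main__":
    for rekey in (False, True):
        true_key, ranking = run(rekey)
        best, corr = ranking[0]
        print(f"rekey={rekey}: true key {true_key:#x}, "
              f"best guess {best:#x}, correlation {corr:+.3f}")
```

With a fixed key the correct guess separates clearly from the other fifteen (the expected correlation is 1/sqrt(2) at this noise level); with a fresh key per message every guess correlates with nothing, because the hypothesis HW(S[p ^ guess]) no longer describes any trace. What remains exposed is the re-keying function g itself, which is why the fresh re-keying literature chooses g to be easy to mask rather than a generic hash as used here.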


References

  1. Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, and Thomas Unterluggauer, "ISAP - Towards side-channel secure authenticated encryption", IACR Trans. Symmetric Cryptol. 2017(1), pp. 80-105, 2017.
  2. Paul C. Kocher, Joshua Jaffe, and Benjamin Jun, Differential Power Analysis, In Michael J. Wiener, editor, CRYPTO '99, Vol. 1666 of LNCS, pp. 388-397. Springer, 1999.
  3. Paul Kocher, Leak Resistant Cryptographic Indexed Key Update, US Patent 6539092, 2003.
  4. Bart Mennink, Reza Reyhanitabar, and Damian Vizár, "Security of full-state keyed sponge and duplex: Applications to authenticated encryption", in Tetsu Iwata and Jung Hee Cheon, editors, ASIACRYPT 2015, Vol. 9453 of LNCS, pp. 465-489. Springer, 2015.
  5. Marcel Medwed, François-Xavier Standaert, Johann Großschädl, and Francesco Regazzoni, "Fresh re-keying: Security against side-channel and fault attacks for low-cost devices", in Daniel J. Bernstein and Tanja Lange, editors, AFRICACRYPT 2010, Vol. 6055 of LNCS, pp. 279-296. Springer, 2010.
  6. Chang-hoon Lee, "A Study on Application Method of Crypto-module for Industrial Control System", in Content Applications and Convergence Technology, Journal of DCS, Vol. 18, No. 5, August. 2017.
  7. Elena Andreeva, Joan Daemen, Bart Mennink, and Gilles Van Assche, "Security of keyed sponge constructions using a modular proof approach", In Gregor Leander, editor, FSE 2015, Vol. 9054 of LNCS, pp. 364-384. Springer, 2015.
  8. Michel Abdalla and Mihir Bellare, "Increasing the lifetime of a key: A comparative analysis of the security of re-keying techniques", in Tatsuaki Okamoto, editor, ASIACRYPT 2000, Vol. 1976 of LNCS, pp. 546-559. Springer, 2000.
  9. Hee-Sook Kim, "Smart CCTV Security Service in IoT(Internet of Things) Environment", in Convergence Content Services, Journal of DCS, Vol. 18, No. 6, October. 2017.
  10. Sonia Belaïd, Fabrizio De Santis, Johann Heyszl, Stefan Mangard, Marcel Medwed, Jörn-Marc Schmidt, François-Xavier Standaert, and Stefan Tillich, "Towards fresh re-keying with leakage-resilient PRFs: Cipher design principles and analysis", J. Cryptographic Engineering, 4(3), pp. 157-171, 2014.
  11. Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, "On the indifferentiability of the sponge construction", in Nigel P. Smart, editor, EUROCRYPT 2008, volume 4965 of LNCS, pages 181-197. Springer, 2008.
  12. Francesco Berti, Francois Koeune, Olivier Pereira, Thomas Peters, and Francois-Xavier Standaert, "Leakage-resilient and misuse-resistant authenticated encryption", Cryptology ePrint Archive, Report 2016/996, 2016.
  13. Christoph Dobraunig, Francois Koeune, Stefan Mangard, Florian Mendel, and Francois-Xavier Standaert, "Towards fresh and hybrid re-keying schemes with beyond birthday security", In Naofumi Homma and Marcel Medwed, editors, CARDIS 2015, Vol. 9514 of LNCS, pp. 225-241. Springer, 2015.
  14. Sebastian Faust, Krzysztof Pietrzak, and Joachim Schipper, "Practical leakage resilient symmetric cryptography", in Emmanuel Prouff and Patrick Schaumont, editors, CHES 2012, volume 7428 of LNCS, pages 213-232. Springer, 2012.
  15. Qian Guo and Thomas Johansson, "A new birthday-type algorithm for attacking the fresh re-keying countermeasure", Cryptology ePrint Archive, Report 2016/225, 2016.
  16. Stefan Mangard, Elisabeth Oswald, and Thomas Popp, "Power analysis attacks - Revealing the secrets of smart cards", Springer, 2007.
  17. Marcel Medwed, Christophe Petit, Francesco Regazzoni, Mathieu Renauld, and Francois-Xavier Standaert, "Fresh re-keying II: Securing multiple parties against side-channel and fault attacks", in Emmanuel Prouff, editor, CARDIS 2011, Vol. 7079 of LNCS, pp. 115-132. Springer, 2011.
  18. G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche, "Sponge functions", in Ecrypt Hash Workshop 2007, May 2007, also available as public comment to NIST from http://www.csrc.nist.gov/pki/HashWorkshop/Public_Comments/2007_May.html.
  19. Thomas Unterluggauer, Mario Werner, and Stefan Mangard, "Side-channel plaintext-recovery attacks on leakage-resilient encryption", in DATE 2017.
  20. V. Grosso, G. Leurent, F.-X. Standaert, K. Varici, F. Durvaux, A. Journault, L. Gaspar, and S. Kerckhof, "SCREAM & iSCREAM: Side-Channel Resistant Authenticated Encryption with Masking", submission to the CAESAR competition, 2014.