Power-based Side-Channel Analysis Against AES Implementations: Evaluation and Comparison

  • Benhadjyoussef, Noura (Faculty of Sciences of Monastir, Electronics and Micro-Electronics Laboratory (E.mu.E.L), University of Monastir) ;
  • Karmani, Mouna (Faculty of Sciences of Monastir, Electronics and Micro-Electronics Laboratory (E.mu.E.L), University of Monastir) ;
  • Machhout, Mohsen (Faculty of Sciences of Monastir, Electronics and Micro-Electronics Laboratory (E.mu.E.L), University of Monastir)
  • Received: 2021.04.05
  • Published: 2021.04.30

Abstract

From an information security perspective, protecting sensitive data requires algorithms that resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion, or in other words abstracting away from its physical (hardware or software) implementation, opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on the physical properties of the cryptosystem, rather than exploiting theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a side-channel analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power hacking technique to demonstrate how power analysis can be exploited to reveal the secret information in an AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using a CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against the power attack than the software one. On the other hand, we remark that the efficiency of the CPA attack depends statistically on the implementation and on the power model used for the power prediction.
