http://dx.doi.org/10.6109/jicce.2014.12.4.237

Higher-Order Countermeasures against Side-Channel Cryptanalysis on Rabbit Stream Cipher  

Marpaung, Jonathan A.P. (Cryptography & Network Security Lab., Department of Ubiquitous IT, Dongseo University)
Ndibanje, Bruce (Cryptography & Network Security Lab., Department of Ubiquitous IT, Dongseo University)
Lee, Hoon Jae (Cryptography & Network Security Lab., Department of Ubiquitous IT, Dongseo University)
Abstract
In this study, software-based countermeasures against side-channel cryptanalysis of the Rabbit stream cipher were developed using Moteiv's Tmote Sky, a popular wireless sensor mote based on the Berkeley TelosB, as the target platform. The countermeasures build on previous work by improving mask generation, masking and hiding other components of the algorithm, and introducing a key refreshment scheme. Our contribution improves on previous countermeasures, making the implementation resistant to higher-order attacks. Four functional metrics, namely resiliency, robustness, resistance, and scalability, were used for the assessment. Finally, performance costs were measured in terms of memory usage and execution time. The work demonstrates that although such attacks are feasible against unprotected systems, the proposed countermeasures can also be feasibly developed and deployed on resource-constrained devices such as wireless sensors.
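Of the countermeasures named in the abstract, the key refreshment scheme is the one most easily shown in code. The C program below is an added illustration for this page, not code from the paper or its authors. It implements the Rabbit state machine as described in RFC 4503 (key setup, counter system, g-function, next-state and extraction; IV setup is omitted) and wraps it in a hypothetical refresh policy: after RABBIT_REFRESH_INTERVAL keystream blocks, the next block is consumed as the successor key and key setup is re-run on it. The interval, the derivation rule, the sample key and the sample message are assumptions chosen for the demonstration; the paper's own scheme may differ. The property a practitioner should take from it is that no single key is ever exercised in more than a bounded number of observable operations, which caps the number of power traces a DPA attacker can collect per key.

```c
/* Rabbit (RFC 4503 state machine, IV setup omitted) plus a hypothetical key
 * refreshment wrapper. Added illustration for this page, not the paper's code. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define RABBIT_REFRESH_INTERVAL 4u /* assumed policy: 16-byte blocks per key */

typedef struct {
    uint32_t x[8], c[8], carry;
    uint8_t key[16];      /* current key, kept only so the refresh is observable */
    uint32_t blocks_used; /* blocks produced under the current key */
} rabbit_ctx;

static const uint32_t A[8] = { 0x4D34D34Du, 0xD34D34D3u, 0x34D34D34u, 0x4D34D34Du,
                               0xD34D34D3u, 0x34D34D34u, 0x4D34D34Du, 0xD34D34D3u };
static uint32_t rotl32(uint32_t v, unsigned n) { return (v << n) | (v >> (32 - n)); }

/* g(u,v): low word XOR high word of the 64-bit square of (u+v mod 2^32). */
static uint32_t g_func(uint32_t u, uint32_t v) {
    uint64_t s = (uint32_t)(u + v), sq = s * s;
    return (uint32_t)sq ^ (uint32_t)(sq >> 32);
}
static void next_state(rabbit_ctx *k) {
    uint32_t g[8];
    for (int j = 0; j < 8; j++) {              /* counter system with carry chain */
        uint64_t t = (uint64_t)k->c[j] + A[j] + k->carry;
        k->carry = (uint32_t)(t >> 32);
        k->c[j] = (uint32_t)t;
    }
    for (int j = 0; j < 8; j++) g[j] = g_func(k->x[j], k->c[j]);
    k->x[0] = g[0] + rotl32(g[7], 16) + rotl32(g[6], 16);
    k->x[1] = g[1] + rotl32(g[0], 8)  + g[7];
    k->x[2] = g[2] + rotl32(g[1], 16) + rotl32(g[0], 16);
    k->x[3] = g[3] + rotl32(g[2], 8)  + g[1];
    k->x[4] = g[4] + rotl32(g[3], 16) + rotl32(g[2], 16);
    k->x[5] = g[5] + rotl32(g[4], 8)  + g[3];
    k->x[6] = g[6] + rotl32(g[5], 16) + rotl32(g[4], 16);
    k->x[7] = g[7] + rotl32(g[6], 8)  + g[5];
}
/* Key setup: 16-bit little-endian subkeys, state init, 4 iterations, counter mix. */
static void key_setup(rabbit_ctx *k, const uint8_t key[16]) {
    uint32_t s[8];
    memcpy(k->key, key, 16);
    for (int j = 0; j < 8; j++) s[j] = key[2 * j] | ((uint32_t)key[2 * j + 1] << 8);
    for (int j = 0; j < 8; j++) {
        if (j % 2 == 0) { k->x[j] = (s[(j + 1) & 7] << 16) | s[j];
                          k->c[j] = (s[(j + 4) & 7] << 16) | s[(j + 5) & 7]; }
        else            { k->x[j] = (s[(j + 5) & 7] << 16) | s[(j + 4) & 7];
                          k->c[j] = (s[(j + 2) & 7] << 16) | s[(j + 1) & 7]; }
    }
    k->carry = 0;
    for (int i = 0; i < 4; i++) next_state(k);
    for (int j = 0; j < 8; j++) k->c[j] ^= k->x[(j + 4) & 7];
    k->blocks_used = 0;
}
/* One 128-bit keystream block, extraction per RFC 4503, little-endian bytes. */
static void extract_block(rabbit_ctx *k, uint8_t out[16]) {
    uint32_t w[4];
    next_state(k);
    w[0] = k->x[0] ^ (k->x[5] >> 16) ^ (k->x[3] << 16);
    w[1] = k->x[2] ^ (k->x[7] >> 16) ^ (k->x[5] << 16);
    w[2] = k->x[4] ^ (k->x[1] >> 16) ^ (k->x[7] << 16);
    w[3] = k->x[6] ^ (k->x[3] >> 16) ^ (k->x[1] << 16);
    for (int i = 0; i < 16; i++) out[i] = (uint8_t)(w[i / 4] >> (8 * (i % 4)));
}
/* Key refreshment (assumed policy): once RABBIT_REFRESH_INTERVAL blocks have been
 * produced, the next block becomes the successor key and the state is re-derived,
 * so any one key is exercised in at most INTERVAL+1 keystream blocks. */
static void keystream_block(rabbit_ctx *k, uint8_t out[16]) {
    if (k->blocks_used >= RABBIT_REFRESH_INTERVAL) {
        uint8_t next[16];
        extract_block(k, next);
        key_setup(k, next);             /* overwrites x, c, carry and key */
        memset(next, 0, sizeof next);   /* may be optimised away; see note below */
    }
    extract_block(k, out);
    k->blocks_used++;
}
/* XOR-encrypt or decrypt buf in place; both ends must refresh in lockstep. */
static void rabbit_crypt(rabbit_ctx *k, uint8_t *buf, size_t len) {
    uint8_t ks[16];
    for (size_t i = 0; i < len; i += 16) {
        keystream_block(k, ks);
        for (size_t j = 0; j < 16 && i + j < len; j++) buf[i + j] ^= ks[j];
    }
}
/* Demo 1: from the all-zero key, after INTERVAL+1 blocks the key in use has changed. */
int rabbit_key_refreshed(void) {
    rabbit_ctx k; uint8_t zero[16] = {0}, out[16];
    key_setup(&k, zero);
    for (unsigned i = 0; i <= RABBIT_REFRESH_INTERVAL; i++) keystream_block(&k, out);
    return memcmp(k.key, zero, 16) != 0;
}
/* Demo 2: a 70-byte constructed message crosses a refresh boundary and still
 * round-trips through an independently keyed decrypting context. */
int rabbit_roundtrip_ok(void) {
    const uint8_t key[16] = { 0x5a, 0x1f, 0x33, 0xc0, 0x08, 0x7e, 0x91, 0xd4,
                              0x2b, 0x66, 0xaa, 0x19, 0xf3, 0x40, 0x0d, 0x8c }; /* constructed */
    uint8_t msg[70], buf[70]; rabbit_ctx enc, dec;
    for (int i = 0; i < 70; i++) msg[i] = buf[i] = (uint8_t)(i * 7 + 3);
    key_setup(&enc, key); rabbit_crypt(&enc, buf, 70);
    int differs = memcmp(buf, msg, 70) != 0;
    key_setup(&dec, key); rabbit_crypt(&dec, buf, 70);
    return differs && memcmp(buf, msg, 70) == 0;
}
int main(void) {
    printf("key refreshed after interval: %d\n", rabbit_key_refreshed());
    printf("round trip across refresh ok: %d\n", rabbit_roundtrip_ok());
    return 0;
}
```

Two caveats for anyone adapting this. First, the scheme only helps if both endpoints refresh at exactly the same block count, so the interval is part of the protocol, not a local tuning knob. Second, the plain memset of the successor key is a dead store that a compiler may remove; on a real sensor build use the platform's guaranteed erase routine, and remember that the old state also lives in the x and c arrays until key_setup overwrites them, so a trace captured during that overwrite still carries the old key's state.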
Keywords
Rabbit stream cipher; Side-channel cryptanalysis; Software countermeasures; Ubiquitous technology;