http://dx.doi.org/10.13089/JKIISC.2019.29.2.287

Novel Vulnerability against Dummy Based Side-Channel Countermeasures - Case Study: XMEGA

Lee, JongHyeok (Dept. of Financial Information Security, Kookmin University)
Han, Dong-Guk (Dept. of Financial Information Security, Kookmin University)
Abstract
When cryptographic algorithms are implemented with countermeasures against side-channel analysis, designers frequently combine a first-order masking scheme with hiding schemes. Their combination can be enough to offer both security and efficiency. However, if dummy operations can be distinguished from real operations, an attacker can extract the secret key with lower complexity than the designer intended when inserting the dummy operations. In this paper, we categorize the types of variables used in a dummy operation when the implementation is written in C. Then, we present a novel vulnerability that can distinguish dummy operations in all cases where the hiding schemes are applied using the different types of variables. Moreover, a countermeasure is provided to prevent the novel vulnerability.
Keywords
Side-Channel Analysis; Countermeasure; Hiding Scheme; Dummy;
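The abstract describes the combined countermeasure under study: a first-order masking scheme with dummy operations inserted as a hiding scheme, where the kind of C variable that the dummy operations touch decides whether they can be told apart from the real ones. The following C code is an added illustration of that structure, not code from the paper or from its authors, and it does not claim to be the paper's countermeasure (the abstract does not state it). Everything in it is constructed: the toy 8-bit S-box `x -> 7x + 3 (mod 256)` stands in for a real cipher's S-box, `rand()` stands in for the device RNG so that runs are reproducible, and `STATE_LEN`, `DUMMY_OPS`, `sbox_layer_protected` and `protected_matches_ref` are names chosen here. The defensive design choice it demonstrates is that real (masked) and dummy operands are kept in one buffer of one type and storage class and processed by one branch-free loop body, and that the masks and dummies never change the functional result.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STATE_LEN 16                        /* bytes in the real state */
#define DUMMY_OPS 16                        /* dummy lookups mixed in (constructed choice) */
#define TOTAL_OPS (STATE_LEN + DUMMY_OPS)

/* Toy 8-bit S-box (constructed, not AES): 7 is odd, so x -> 7x + 3 (mod 256) is a bijection. */
static uint8_t toy_sbox(uint8_t x)
{
    return (uint8_t)(7u * x + 3u);
}

/* First-order masked table: T[x ^ m_in] = S(x) ^ m_out, rebuilt with fresh masks per call. */
static void build_masked_table(uint8_t table[256], uint8_t m_in, uint8_t m_out)
{
    for (unsigned v = 0; v < 256; v++)
        table[(uint8_t)(v ^ m_in)] = (uint8_t)(toy_sbox((uint8_t)v) ^ m_out);
}

/* Unprotected reference: the S-box applied to every state byte. */
void sbox_layer_ref(uint8_t state[STATE_LEN])
{
    for (int i = 0; i < STATE_LEN; i++)
        state[i] = toy_sbox(state[i]);
}

/* Protected layer: first-order masking combined with dummy-operation hiding.
   rand() stands in for the device RNG (assumption, so that tests are reproducible). */
void sbox_layer_protected(uint8_t state[STATE_LEN], unsigned seed)
{
    srand(seed);
    uint8_t m_in  = (uint8_t)rand();
    uint8_t m_out = (uint8_t)rand();
    uint8_t table[256];
    build_masked_table(table, m_in, m_out);

    /* Real (masked) bytes and dummy bytes share ONE buffer of one type and storage class
       and go through the same loop body, so a dummy lookup is not set apart from a real
       one by the kind of variable it touches. */
    uint8_t buf[TOTAL_OPS];
    for (int i = 0; i < STATE_LEN; i++)
        buf[i] = (uint8_t)(state[i] ^ m_in);
    for (int i = STATE_LEN; i < TOTAL_OPS; i++)
        buf[i] = (uint8_t)rand();               /* random dummy operand */

    /* Random processing order over real and dummy slots (Fisher-Yates shuffle). */
    uint8_t order[TOTAL_OPS];
    for (int i = 0; i < TOTAL_OPS; i++)
        order[i] = (uint8_t)i;
    for (int i = TOTAL_OPS - 1; i > 0; i--) {
        int j = rand() % (i + 1);
        uint8_t t = order[i];
        order[i] = order[j];
        order[j] = t;
    }

    /* One branch-free loop body for every slot, real or dummy. */
    for (int k = 0; k < TOTAL_OPS; k++)
        buf[order[k]] = table[buf[order[k]]];

    for (int i = 0; i < STATE_LEN; i++)
        state[i] = (uint8_t)(buf[i] ^ m_out);   /* unmask the real bytes only */
    memset(buf, 0, sizeof buf);                 /* clear masked and dummy operands */
}

/* Functional check on a constructed input: the protected layer must agree with the
   reference for any seed, since masks and dummies must not change the result.
   Returns 1 when the outputs are identical. */
int protected_matches_ref(unsigned seed)
{
    uint8_t a[STATE_LEN], b[STATE_LEN];
    for (int i = 0; i < STATE_LEN; i++)
        a[i] = b[i] = (uint8_t)(i * 17 + 5);    /* constructed sample state */
    sbox_layer_ref(a);
    sbox_layer_protected(b, seed);
    return memcmp(a, b, STATE_LEN) == 0;
}

int main(void)
{
    for (unsigned seed = 1; seed <= 5; seed++)
        printf("seed %u: %s\n", seed, protected_matches_ref(seed) ? "match" : "MISMATCH");
    return 0;
}
```

The functional check only shows that the countermeasure is transparent to the cipher; whether the dummy lookups are actually indistinguishable on a given device is a measurement question, which is what the paper's case study on the XMEGA addresses.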