• Title/Summary/Keyword: Power Analysis Attack

Search Result 215, Processing Time 0.021 seconds

Differential Power Analysis Attack on Cryptosystem adopted NAF Algorithm as a Secret Key Recoding Method (비밀키를 NAF로 사용하는 암호시스템의 차분 전력분석 공격)

  • Ahn Mahn-Ki;Ha Jae-Cheol;Lee Hoon-Jae;Moon Sang-Jae
    • Journal of Internet Computing and Services
    • /
    • v.4 no.3
    • /
    • pp.1-8
    • /
    • 2003
  • The power analysis attack is a physical attack which can be applied to the cryptosystems such as smartcard. We try to experimental attack to a smart card which implemented Elliptic Curve Cryptosystem adopting NAF algorithm as a secret key recording method. Our differential power analysis attack is a potential threat to that implementation. The attacker measures the power traces during the multiplication with secret key bits in a target smart card and the multiplication with the guessed bits in other experimental one. The comparison of these two traces gives a secret bit, which means that attacker can find all secret key bits successively.

  • PDF

Maximal overlap discrete wavelet transform-based power trace alignment algorithm against random delay countermeasure

  • Paramasivam, Saravanan;PL, Srividhyaa Alamelu;Sathyamoorthi, Prashanth
    • ETRI Journal
    • /
    • v.44 no.3
    • /
    • pp.512-523
    • /
    • 2022
  • Random delay countermeasures introduce random delays into the execution flow to break the synchronization and increase the complexity of the side channel attack. A novel method for attacking devices with random delay countermeasures has been proposed by using a maximal overlap discrete wavelet transform (MODWT)-based power trace alignment algorithm. Firstly, the random delay in the power traces is sensitized using MODWT to the captured power traces. Secondly, it is detected using the proposed random delay detection algorithm. Thirdly, random delays are removed by circular shifting in the wavelet domain, and finally, the power analysis attack is successfully mounted in the wavelet domain. Experimental validation of the proposed method with the National Institute of Standards and Technology certified Advanced Encryption Standard-128 cryptographic algorithm and the SAKURA-G platform showed a 7.5× reduction in measurements to disclosure and a 3.14× improvement in maximum correlation value when compared with similar works in the literature.

Second-Order G-equivariant Logic Gate for AND Gate and its Application to Secure AES Implementation (AND 게이트에 대한 2차 G-equivariant 로직 게이트 및 AES 구현에의 응용)

  • Baek, Yoo-Jin;Choi, Doo-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.1
    • /
    • pp.221-227
    • /
    • 2014
  • When implementing cryptographic algorithms in mobile devices like smart cards, the security against side-channel attacks should be considered. Side-channel attacks try to find critical information from the side-channel infromation obtained from the underlying cryptographic devices' execution. Especially, the power analysis attack uses the power consumption profile of the devices as the side-channel information. This paper proposes a new gate-level countermeasure against the power analysis attack and the glitch attack and suggests how to apply the measure to securely implement AES.

New Power Analysis Attack on The Masking Type Conversion Algorithm (마스킹 형태 변환 알고리즘에 대한 새로운 전력 분석 공격)

  • Cho, Young-In;Kim, Hee-Seok;Han, Dong-Guk;Hong, Seok-Hie;Kang, Ju-Sung
    • Journal of the Institute of Electronics Engineers of Korea SP
    • /
    • v.47 no.1
    • /
    • pp.159-168
    • /
    • 2010
  • In the recent years, power analysis attacks were widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations(encryption, decryption, and key-schedule) are well-known. The type conversion of masking is unavoidable since Boolean operation and Arithmetic operation are performed together in block cipher. Messerges proposed a masking type conversion algorithm resistant general power analysis attack and then it's vulnerability was reported. We present that some of exiting attacks have some practical problems and propose a new power analysis attack on Messerges's algorithm. After we propose the strengthen DPA and CPA attack on the masking type conversion algorithm, we show that our proposed attack is a practical threat as the simulation results.

Countermeasure Techniques Analysis for Power Analysis Attack (전력분석공격에 대한 대응기술 분석)

  • Kang, Young-Jin;Jo, Jung-Bok;Lee, HoonJae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.05a
    • /
    • pp.221-223
    • /
    • 2014
  • Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of side channel attack which allow an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked informations from physical implementation of a cryptosystem are usually used to break the system. This paper describes how power analysis work and we provide an overview of countermeasures against power analysis attacks.

  • PDF

Correlation Power Analysis Attack on Lightweight Block Cipher LEA and Countermeasures by Masking (경량 블록암호 LEA에 대한 상관관계 전력분석 공격 및 마스킹 대응 기법)

  • An, Hyo-Sik;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.7
    • /
    • pp.1276-1284
    • /
    • 2017
  • Lightweight Encryption Algorithm (LEA) that was standardized as a lightweight block cipher was implemented with 8-bit data path, and the vulnerability of LEA encryption processor to correlation power analysis (CPA) attack was analyzed. The CPA used in this paper detects correct round keys by analyzing correlation coefficient between the Hamming distance of the computed data by applying hypothesized keys and the power dissipated in LEA crypto-processor. As a result of CPA attack, correct round keys were detected, which have maximum correlation coefficients of 0.6937, 0.5507, and this experimental result shows that block cipher LEA is vulnerable to power analysis attacks. A masking method based on TRNG was proposed as a countermeasure to CPA attack. By applying masking method that adds random values obtained from TRNG to the intermediate data of encryption, incorrect round keys having maximum correlation coefficients of 0.1293, 0.1190 were analyzed. It means that the proposed masking method is an effective countermeasure to CPA attack.

A Physical Combined Attack and its Countermeasure on BNP Exponentiation Algorithm (BNP 멱승 알고리듬에 대한 물리적인 조합 공격 및 대응책)

  • Kim, Hyung-Dong;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.585-591
    • /
    • 2013
  • Recently, the combined attack which is a combination of side channel analysis and fault attack has been developed to extract the secret key during the cryptographic processes using a security device. Unfortunately, an attacker can find the private key of RSA cryptosystem through one time fault injection and power signal analysis. In this paper, we diagnosed SPA/FA resistant BNP(Boscher, Naciri, and Prouff) exponentiation algorithm as having threats to a similar combined attack. And we proposed a simple countermeasure to resist against this combined attack by randomizing the private key using error infective method.

Double Sieve Collision Attack Based on Bitwise Detection

  • Ren, Yanting;Wu, Liji;Wang, An
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.1
    • /
    • pp.296-308
    • /
    • 2015
  • Advanced Encryption Standard (AES) is widely used for protecting wireless sensor network (WSN). At the Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2012, G$\acute{e}$rard et al. proposed an optimized collision attack and break a practical implementation of AES. However, the attack needs at least 256 averaged power traces and has a high computational complexity because of its byte wise operation. In this paper, we propose a novel double sieve collision attack based on bitwise collision detection, and an improved version with an error-tolerant mechanism. Practical attacks are successfully conducted on a software implementation of AES in a low-power chip which can be used in wireless sensor node. Simulation results show that our attack needs 90% less time than the work published by G$\acute{e}$rard et al. to reach a success rate of 0.9.

Power Analysis Attacks and Countermeasures on NTRU-Based Wireless Body Area Networks

  • Wang, An;Zheng, Xuexin;Wang, Zongyue
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.5
    • /
    • pp.1094-1107
    • /
    • 2013
  • NTRU cryptosystem has been suggested for protecting wireless body area networks, which is secure in the sense of traditional cryptanalysis. In this paper, we fulfill the first power analysis attack on the ultra-low-power environment of wireless body area networks. Specifically, two practical differential power analyses on NTRU algorithm are proposed, which can attack the existing countermeasures of NTRU. Accordingly, we suggest three countermeasures against our attacks. Meanwhile, practical experiments show that although the attacks in this paper are efficient, our countermeasures can resist them effectively.

Practical Biasing Power Analysis breaking Side Channel Attack Countermeasures based on Masking-Shuffling techniques (마스킹-셔플링 부채널 대응법을 해독하는 실용적인 편중전력분석)

  • Cho, Jong-Won;Han, Dong-Guk
    • Journal of the Institute of Electronics and Information Engineers
    • /
    • v.49 no.9
    • /
    • pp.55-64
    • /
    • 2012
  • Until now, Side Channel Attack has been known to be effective to crack decrypt key such as smart cards, electronic passports and e-ID card based on Chip. Combination of Masking and shuffling methods have been proposed practical countermeasure. Newly, S.Tillich suggests biased-mask using template attack(TA) to attack AES with masking and shuffling. However, an additional assumption that is acquired template information previously for masking value is necessary in order to apply this method. Moreover, this method needs to know exact time position of the target masking value for higher probability of success. In this paper, we suggest new practical method called Biasing Power Analysis(BPA) to find a secret key of AES based on masking-shuffling method. In BPA, we don't use time position and template information from masking value. Actually, we do experimental works of BPA attack to 128bit secret key of AES based on masking-shuffling method performed MSP430 Chip and we succeed in finding whole secret key. The results of this study will be utilized for next-generation ID cards to verify physical safety.