• Title/Summary/Keyword: Side channel attack

Search Result 166, Processing Time 0.023 seconds

Side-Channel Attack against Secure Data Deduplication over Encrypted Data in Cloud Storage (암호화된 클라우드 데이터의 중복제거 기법에 대한 부채널 공격)

  • Shin, Hyungjune;Koo, Dongyoung;Hur, Junbeom
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.4
    • /
    • pp.971-980
    • /
    • 2017
  • Data deduplication can be utilized to reduce storage space in cloud storage services by storing only a single copy of data rather than all duplicated copies. Users who are concerned the confidentiality of their outsourced data can use secure encryption algorithms, but it makes data deduplication ineffective. In order to reconcile data deduplication with encryption, Liu et al. proposed a new server-side cross-user deduplication scheme by exploiting password authenticated key exchange (PAKE) protocol in 2015. In this paper, we demonstrate that this scheme has side channel which causes insecurity against the confirmation-of-file (CoF), or duplicate identification attack.

Side Channel Attack on Block Cipher SM4 and Analysis of Masking-Based Countermeasure (블록 암호 SM4에 대한 부채널 공격 및 마스킹 기반 대응기법 분석)

  • Bae, Daehyeon;Nam, Seunghyun;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.1
    • /
    • pp.39-49
    • /
    • 2020
  • In this paper, we show that the Chinese standard block cipher SM4 is vulnerable to the side channel attacks and present a countermeasure to resist them. We firstly validate that the secret key of SM4 can be recovered by differential power analysis(DPA) and correlation power analysis(CPA) attacks. Therefore we analyze the vulnerable element caused by power attack and propose a first order masking-based countermeasure to defeat DPA and CPA attacks. Although the proposed countermeasure unfortunately is still vulnerable to the profiling power attacks such as deep learning-based multi layer perceptron(MLP), it can sufficiently overcome the non-profiling attacks such as DPA and CPA.

Masking-Based Block Cipher LEA Resistant to Side Channel Attacks (부채널 공격에 대응하는 마스킹 기반의 블록 암호 LEA)

  • Park, Eunsoo;Oh, Soohyun;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.5
    • /
    • pp.1023-1032
    • /
    • 2017
  • When a cryptographic device such as smart card performs an encryption for a plain text, an attacker can extract the secret key in it using side channel information. Especially, many researches found some weaknesses for side channel attack on the lightweight block cipher LEA designed to apply in IoT environments. In this paper, we survey several masking countermeasures to defeat the side channel attack and propose a novel masking conversion method. Even though the proposed Arithmetic-to-Boolean masking conversion method requires storage memory of 256 bytes, it can improve the LEA encryption speed up to 17 percentage compared to the case adopted the previous masking method.

Implementation of Optimized 1st-Order Masking AES Algorithm Against Side-Channel-Analysis (부채널 분석 대응을 위한 1차 마스킹 AES 알고리즘 최적화 구현)

  • Kim, Kyung Ho;Seo, Hwa Jeong
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.8 no.9
    • /
    • pp.225-230
    • /
    • 2019
  • Recently, with the development of Internet technology, various encryption algorithms have been adopted to protect the sensing data measured by hardware devices. The Advanced Encryption Standard (AES), the most widely used encryption algorithm in the world, is also used in many devices with strong security. However, it has been found that the AES algorithm is vulnerable to side channel analysis attacks such as Differential Power Analysis (DPA) and Correlation Power Analysis (CPA). In this paper, we present a software optimization implementation technique of the AES algorithm applying the most widely known masking technique among side channel analysis attack methods.

Recovering RSA Private Key Bits from Erasures and Errors (삭제와 오류로부터 RSA 개인키를 복구하는 알고리즘)

  • Baek, Yoo-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.4
    • /
    • pp.951-959
    • /
    • 2017
  • Under the assumption that there is available some additional information other than plaintext-ciphertext pairs, the security of the RSA cryptosystem has been analyzed by the attack methods such as the side-channel attacks and the lattice-based attacks. Recently, based on the data retention property of the powered-off DRAMs, the so called cold boot attack was proposed in the literature, which is focusing on recovering the various cryptosystems' key from some auxiliary information. This paper is dealing with the problem of recovering the RSA private key with erasures and errors and proposes a new key recovery algorithm which is shown to have better performance than the previous one introduced by Kunihiro et al.

Key Recovery Algorithm for Randomly-Decayed AES Key Bits (랜덤하게 변형된 AES 키 비트열에 대한 키 복구 알고리즘)

  • Baek, Yoo-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.327-334
    • /
    • 2016
  • Contrary to the common belief, DRAM which is used for the main memory of various computing devices retains its content even though it is powered-off. Especially, the data-retaining time can increase if DRAM is cooled down. The Cold Boot Attack, a kind of side-channel attacks, tries to recover the sensitive information such as the cryptographic key from the powered-off DRAM. This paper proposes a new algorithm which recovers the AES key under the symmetric-decay cold-boot-attack model. In particular, the proposed algorithm uses the strategy of reducing the size of the candidate key space by testing the randomness of the extracted AES key bit stream.

Power-based Side-Channel Analysis Against AES Implementations: Evaluation and Comparison

  • Benhadjyoussef, Noura;Karmani, Mouna;Machhout, Mohsen
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.4
    • /
    • pp.264-271
    • /
    • 2021
  • From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

Improving Non-Profiled Side-Channel Analysis Using Auto-Encoder Based Noise Reduction Preprocessing (비프로파일링 기반 전력 분석의 성능 향상을 위한 오토인코더 기반 잡음 제거 기술)

  • Kwon, Donggeun;Jin, Sunghyun;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.3
    • /
    • pp.491-501
    • /
    • 2019
  • In side-channel analysis, which exploit physical leakage from a cryptographic device, deep learning based attack has been significantly interested in recent years. However, most of the state-of-the-art methods have been focused on classifying side-channel information in a profiled scenario where attackers can obtain label of training data. In this paper, we propose a new method based on deep learning to improve non-profiling side-channel attack such as Differential Power Analysis and Correlation Power Analysis. The proposed method is a signal preprocessing technique that reduces the noise in a trace by modifying Auto-Encoder framework to the context of side-channel analysis. Previous work on Denoising Auto-Encoder was trained through randomly added noise by an attacker. In this paper, the proposed model trains Auto-Encoder through the noise from real data using the noise-reduced-label. Also, the proposed method permits to perform non-profiled attack by training only a single neural network. We validate the performance of the noise reduction of the proposed method on real traces collected from ChipWhisperer board. We demonstrate that the proposed method outperforms classic preprocessing methods such as Principal Component Analysis and Linear Discriminant Analysis.

New Type of Collision Attack on First-Order Masked AESs

  • Kim, Hee Seok;Hong, Seokhie
    • ETRI Journal
    • /
    • v.38 no.2
    • /
    • pp.387-396
    • /
    • 2016
  • This paper introduces a new type of collision attack on first-order masked Advanced Encryption Standards. This attack is a known-plaintext attack, while the existing collision attacks are chosen-plaintext attacks. In addition, our method requires significantly fewer power measurements than any second-order differential power analysis or existing collision attacks.

Efficient Key Detection Method in the Correlation Electromagnetic Analysis Using Peak Selection Algorithm

  • Kang, You-Sung;Choi, Doo-Ho;Chung, Byung-Ho;Cho, Hyun-Sook;Han, Dong-Guk
    • Journal of Communications and Networks
    • /
    • v.11 no.6
    • /
    • pp.556-563
    • /
    • 2009
  • A side channel analysis is a very efficient attack against small devices such as smart cards and wireless sensor nodes. In this paper, we propose an efficient key detection method using a peak selection algorithm in order to find the advanced encryption standard secret key from electromagnetic signals. The proposed method is applied to a correlation electromagnetic analysis (CEMA) attack against a wireless sensor node. Our approach results in increase in the correlation coefficient in comparison with the general CEMA. The experimental results show that the proposed method can efficiently and reliably uncover the entire 128-bit key with a small number of traces, whereas some extant methods can reveal only partial subkeys by using a large number of traces in the same conditions.