• Title/Summary/Keyword: side-channel analysis

Search Result 360, Processing Time 0.03 seconds

Mutual Information Analysis for Three-Phase Dynamic Current Mode Logic against Side-Channel Attack

  • Kim, Hyunmin;Han, Dong-Guk;Hong, Seokhie
    • ETRI Journal
    • /
    • v.37 no.3
    • /
    • pp.584-594
    • /
    • 2015
  • To date, many different kinds of logic styles for hardware countermeasures have been developed; for example, SABL, TDPL, and DyCML. Current mode-based logic styles are useful as they consume less power compared to voltage mode-based logic styles such as SABL and TDPL. Although we developed TPDyCML in 2012 and presented it at the WISA 2012 conference, we have further optimized it in this paper using a binary decision diagram algorithm and confirmed its properties through a practical implementation of the AES S-box. In this paper, we will explain the outcome of HSPICE simulations, which included correlation power attacks, on AES S-boxes configured using a compact NMOS tree constructed from either SABL, CMOS, TDPL, DyCML, or TPDyCML. In addition, to compare the performance of each logic style in greater detail, we will carry out a mutual information analysis (MIA). Our results confirm that our logic style has good properties as a hardware countermeasure and 15% less information leakage than those secure logic styles used in our MIA.

Differential Fault Analysis on Block Cipher ARIA-128 (블록 암호 ARIA-128에 대한 차분 오류 공격)

  • Park, Se-Hyun;Jeong, Ki-Tae;Lee, Yu-Seop;Sung, Jae-Chul;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.5
    • /
    • pp.15-25
    • /
    • 2011
  • A differential fault analysis(DFA) is one of the most important side channel attacks on block ciphers. Most block ciphers, such as DES, AES, ARIA, SEED and so on., have been analysed by this attack. In 2008, Wei et al. proposed the first DFA on ARIA-128. Their attack can recover the 128-bit secrey key by about 45 faulty ciphertexts. In this paper, we propose an improved DFA on ARIA-128. We can recover the 12S-bit secret key by only 4 faulty ciphertexts with the computational complexity of O($2^{32}$).

Power-based Side-Channel Analysis Against AES Implementations: Evaluation and Comparison

  • Benhadjyoussef, Noura;Karmani, Mouna;Machhout, Mohsen
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.4
    • /
    • pp.264-271
    • /
    • 2021
  • From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

The Promotions of Brands and Stores and their Impact the Optimal Decisions for the Marketing Channel Members (두 종류의 촉진(브랜드 프로모션과 점포 프로모션)과 유통구성원의 최적결정)

  • 김상용
    • Journal of Distribution Research
    • /
    • v.3 no.1
    • /
    • pp.7-29
    • /
    • 1998
  • Manufacturers want brand promotions at the stores. In contrast, retailers want promotions for the stores rather than for the brands since better store promotions can attract customers from the competing retail stores. In this paper, three scenarios are assumed for the promotions in terms of the allowances or the side-payments form the manufacturer to the retailer and the pass-through rate for the allowances being used for the brand promotions by the retailer. An analytical model for the marketing channel distribution is used for the analysis. Then, several marketing implications are suggested based on the findings.

  • PDF

Novel Vulnerability against Dummy Based Side-Channel Countermeasures - Case Study: XMEGA (더미 기반 부채널 분석 대응기법 신규 취약점 - Case Study: XMEGA)

  • Lee, JongHyeok;Han, Dong-Guk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.2
    • /
    • pp.287-297
    • /
    • 2019
  • When cryptographic algorithms are implemented to provide countermeasures against the side-channel analysis, designers frequently employ the combined countermeasures between the first-order masking scheme and hiding schemes. Their combination can be enough to offer security and efficiency. However, if dummy operations can be distinguished from real operations, an attacker can extract the secret key with lower complexity than the intended attack complexity by the designer inserting the dummy operations. In this paper, we categorize types of variables used in a dummy operation when C language is employed. Then, we present the novel vulnerability that can distinguish dummy operations for all cases where the hiding schemes are applied using different types of variables. Moreover, the countermeasure is provided to prevent the novel vulnerability.

SITM Attacks on GIFT-128: Application to NIST Lightweight Cryptography Finalist GIFT-COFB (GIFT-128에 대한 SITM 공격: NIST 경량암호 최종 후보 GIFT-COFB 적용 방안 연구)

  • Park, Jonghyun;Kim, Hangi;Kim, Jongsung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.4
    • /
    • pp.607-615
    • /
    • 2022
  • The SITM (See-In-The-Middle) proposed in CHES 2020 is a methodology for side-channel assisted differential cryptanalysis. This technique analyzes the power traces of unmasked middle rounds in partial masked SPN block cipher implementation, and performs differential analysis with the side channel information. Blockcipher GIFT is a lightweight blockcipher proposed in CHES 2017, designed to correct the well-known weaknesses of block cipher PRESENT and provide the efficient implementation. In this paper, we propose SITM attacks on partial masked implementation of GIFT-128. This attack targets 4-round and 6-round masked implementation of GIFT-128 and time/data complexity is 214.01 /214.01, 216 /216. In this paper, we compare the masterkey recovery logic available in SITM attacks, establishing a criterion for selecting more efficient logic depending on the situation. Finally, We introduce how to apply the this attack to GIFT-COFB, one of the finalist candidates in NIST lightweight cryptography standardization process.

Single Trace Analysis against HyMES by Exploitation of Joint Distributions of Leakages (HyMES에 대한 결합 확률 분포 기반 단일 파형 분석)

  • Park, ByeongGyu;Kim, Suhri;Kim, Hanbit;Jin, Sunghyun;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.5
    • /
    • pp.1099-1112
    • /
    • 2018
  • The field of post-quantum cryptography (PQC) is an active area of research as cryptographers look for public-key cryptosystems that can resist quantum adversaries. Among those categories in PQC, code-based cryptosystem provides high security along with efficiency. Recent works on code-based cryptosystems focus on the side-channel resistant implementation since previous works have indicated the possible side-channel vulnerabilities on existing algorithms. In this paper, we recovered the secret key in HyMES(Hybrid McEliece Scheme) using a single power consumption trace. HyMES is a variant of McEliece cryptosystem that provides smaller keys and faster encryption and decryption speed. During the decryption, the algorithm computes the parity-check matrix which is required when computing the syndrome. We analyzed HyMES using the fact that the joint distributions of nonlinear functions used in this process depend on the secret key. To the best of our knowledge, we were the first to propose the side-channel analysis based on joint distributions of leakages on public-key cryptosystem.

Analysis of the Flow over Broad Crested Side Weir by Using Three-Dimensional Numerical Simulation (3차원 수치모의를 이용한 광정횡월류위어의 흐름특성 해석)

  • Kim, Dae-Geun;Kim, Yong-Geun
    • Journal of Korea Water Resources Association
    • /
    • v.40 no.3
    • /
    • pp.277-286
    • /
    • 2007
  • In this study, we analyzed the flow characteristics in the wide-crested side weir of trapezoidal section by using a three dimensional numerical stimulation. From this study, as the Froude number increases in the main channel, the overflow discharge ratio and the discharge coefficient of lateral overflow tend to decrease. And it was also found that the increase of the lateral overflow reduces the channel discharge area in the downstream, and the size of recirculating zone is increasing in the opposite side of side weir. The stream-wise water surface on the side where the side weir is installed falls down rapidly in the weir starting point, gradually ascending, and rapidly rising at the end point. The reason why the water surface rapidly rises at the weir end point is because the weir end point hinders the flow.

Improved Side Channel Attack using Restricted Number of Traces on RSA-CRT (제한된 파형을 이용한 향상된 RSA-CRT 부채널 분석)

  • Park, Jong-Yeon;Han, Dong-Guk;Yi, Ok-Yeon;Choi, Doo-Ho
    • Annual Conference of KIPS
    • /
    • 2011.04a
    • /
    • pp.1016-1019
    • /
    • 2011
  • RSA-CRT 알고리즘은 RSA 의 지수승 연산의 효율성을 향상시키기 위해 널리 사용되고 있으며, CRT 를 적용한 알고리즘은 다양한 방법의 부채널 분석(Side Channel Analysis)으로부터 약점이 노출되어 왔다. 그 중 Boer 등에 의해 발표된 MRED 분석 방법은, 등 간격의 데이터(Equidistant Data)를 이용하여 CRT 의 모듈러 리덕션 연산(Modular Reduction)결과로부터의 약점을 활용하여 일반적인 DPA 분석 법을 적용시킨 방법이다. 우리는 리덕션 결과의 데이터에 의존한 분석에서 벗어나, 리덕션 알고리즘 중간 연산 과정을 공격하는 새로운 공격 방법을 개발하였으며, 새로운 공격은 오직 "$256{\times}n$개"의 파형만으로 키 공간을 상당히 줄일 수 있기 때문에, 제한된 평문 수에서 이전에 알려져 있던 일반적인 MRED 분석 방법보다 향상된 분석 성능을 제공한다. 본 논문은 리더션 연산과정을 이용한 새로운 전력 분석 방법을 실제 MCU Chip 을 이용한 분석 결과를 제안한다.

Security Evaluation Against Collision-based Power Analysis on RSA Algorithm Adopted Exponent Splitting Method (지수 분할 기법이 적용된 RSA 알고리듬에 대한 충돌 전력 분석 공격 안전성 평가)

  • Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.985-991
    • /
    • 2015
  • The user's secret key can be retrieved by various side channel leakage informations occurred during the execution of cryptographic RSA exponentiation algorithm which is embedded on a security device. The collision-based power analysis attack known as a serious side channel threat can be accomplished by finding some collision pairs on a RSA power consumption trace. Recently, an RSA exponentiation algorithm was proposed as a countermeasure which is based on the window method adopted combination of message blinding and exponent splitting. In this paper, we show that this countermeasure provides approximately $2^{53}$ attack complexity, much lower than $2^{98}$ insisted in the original article, when the window size is two.