Skip to main content
SpringerLink
Log in

Exploiting the Leakage: Analysis of Some Authenticated Encryption Schemes

  • Conference paper
  • First Online:
Security, Privacy, and Applied Cryptography Engineering (SPACE 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10076))

Abstract

The ongoing CAESAR competition, aimed at finding robust and secure authenticated encryption schemes provides many new submissions for analysis. We analyzed many schemes and came across a plenitude of techniques, design ideals and security notions. In view of the above, we present key recovery attacks using DPA for Deoxys, Joltik and ELmD, and a forgery attack on AEGIS. In our analysis of the various schemes, we found out that, schemes using Sponge constructions with pre-initialized keys such as Ascon, ICEPOLE, Keyak, NORX, PRIMATEs, etc. were significantly harder to attack than contemporary designs using standard building blocks from a side channel perspective. We also implement and demonstrate an attack on Joltik-BC, to recover the key in roughly 50–60 traces.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. CAESAR: Competition for authenticated encryption: Security, applicability, and robustness (2014). https://competitions.cr.yp.to/caesar-submissions.html

  2. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side—channel(s). In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003). doi:10.1007/3-540-36400-5_4

    Chapter  Google Scholar 

  3. Akkar, M.-L., Bevan, R., Dischamp, P., Moyart, D.: Power analysis, what is now possible. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 489–502. Springer, Heidelberg (2000). doi:10.1007/3-540-44448-3_38

    Chapter  Google Scholar 

  4. Anderson, R.J.: Security Engineering - A Guide to Building Dependable Distributed Systems. Wiley, Hoboken (2001)

    Google Scholar 

  5. Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mendel, F., Mennink, B., Mouha, N., Wang, Q., Yasuda, K.: PRIMATEs v1.02. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, September 2014

  6. Aumasson, J.-P., Jovanovic, P., Neves, S.: NORX v2.0. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  7. Bay, A., Ersoy, O., KarakoÃğ, F.: Universal forgery and key recovery attacks on ELmD authenticated encryption algorithm. Cryptology ePrint Archive, Report 2016/640 (2016). http://eprint.iacr.org/2016/640

  8. Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000). doi:10.1007/3-540-44448-3_41

    Chapter  Google Scholar 

  9. Bellare, M., Rogaway, P., Wagner, D.: The EAX mode of operation. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 389–407. Springer, Heidelberg (2004). doi:10.1007/978-3-540-25937-4_25

    Chapter  Google Scholar 

  10. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G., Van Keer, R.: Keyak v2. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  11. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997). doi:10.1007/BFb0052259

    Chapter  Google Scholar 

  12. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997). doi:10.1007/3-540-69053-0_4

    Chapter  Google Scholar 

  13. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Cryptographic Hardware, Embedded Systems - CHES(2011) Observation of strains: 6th International Workshop Cambridge, MA, USA, August 11–13, 2004. Proceedings, pp. 16–29 (2004)

    Google Scholar 

  14. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). doi:10.1007/3-540-36400-5_3

    Chapter  Google Scholar 

  15. Coron, J.-S., Kocher, P., Naccache, D.: Statistics and secret leakage. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 157–173. Springer, Heidelberg (2001). doi:10.1007/3-540-45472-1_12

    Chapter  Google Scholar 

  16. Daemen, J., Rijmen, V.: The Design of Rijndael. Springer-Verlag New York Inc., Secaucus (2002)

    Book  MATH  Google Scholar 

  17. Datta, N., Nandi, M.: ELmD v2.0 specification. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  18. Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: Quisquater, J.-J., Schneier, B. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 167–182. Springer, Heidelberg (2000). doi:10.1007/10721064_15

    Chapter  Google Scholar 

  19. Dobraunig, C., Eichlseder, M., Korak, T., Lomne, V., Mendel, F.: Practical fault attacks on authenticated encryption modes for aes. Cryptology ePrint Archive, Report 2016/616, (2016). http://eprint.iacr.org/2016/616

  20. Dobraunig, C., Eichlseder, M., Mendel, F., Schlaffer, M.: Ascon v1.1. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  21. Dworkin, M.J.: Spp. 800–38c. Recommendation for block cipher modes of operation: The CCM mode for authentication and confidentiality. Technical report, Gaithersburg, MD, United States (2004)

    Google Scholar 

  22. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001). doi:10.1007/3-540-44709-1_21

    Chapter  Google Scholar 

  23. Gligor, V.D., Donescu, P.: Fast encryption and authentication: XCBC encryption and XECB authentication modes. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 92–108. Springer, Heidelberg (2002). doi:10.1007/3-540-45473-X_8

    Chapter  Google Scholar 

  24. Jean, J., Nikolic, I., Peyrin, T.: Deoxys v1.3. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  25. Jean, J., Nikolic, I., Peyrin, T.: Joltik v1.3. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  26. Jutla, C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 529–544. Springer, Heidelberg (2001). doi:10.1007/3-540-44987-6_32

    Chapter  Google Scholar 

  27. Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Goos, G., Hartmanis, J., Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 284–299. Springer, Heidelberg (2001). doi:10.1007/3-540-44706-7_20

    Chapter  Google Scholar 

  28. Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). doi:10.1007/3-540-68697-5_9

    Google Scholar 

  29. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). doi:10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  30. Kohno, T., Viega, J., Whiting, D.: C.W.C.: A high-performance conventional authenticated encryption mode. In: Fast Software Encryption, 11th International Workshop, FSE 2004, Delhi, India, February 5–7, 2004, Revised Papers, pp. 408–426 (2004)

    Google Scholar 

  31. Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the 1st Workshop on Smartcard Technology, Smartcard 1999, Chicago, Illinois, USA, May 10–11, 1999 (1999)

    Google Scholar 

  32. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)

    MATH  Google Scholar 

  33. Mayer-Sommer, R.: Smartly analyzing the simplicity and the power of simple power analysis on smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 78–92. Springer, Heidelberg (2000). doi:10.1007/3-540-44499-8_6

    Chapter  Google Scholar 

  34. McGrew, D.A., Viega, J.: The security and performance of the galois/counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 343–355. Springer, Heidelberg (2004). doi:10.1007/978-3-540-30556-9_27

    Chapter  Google Scholar 

  35. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power analysis attacks of modular exponentiation in smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999). doi:10.1007/3-540-48059-5_14

    Chapter  Google Scholar 

  36. Morawiecki, P., Gaj, K., Homsirikamol, E., Matusiewicz, K., Pieprzyk, J., Rogawski7, M., Srebrny, M., Wojcik, M.: Icepole v2. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015

  37. Quisquater, J.-J., Samyde, D.: Electromagnetic analysis (EMA): measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001). doi:10.1007/3-540-45418-7_17

    Chapter  Google Scholar 

  38. Rogaway, P.: Authenticated-encryption with associated-data. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, Washington, DC, USA, November 18–22, 2002, pp. 98–107 (2002)

    Google Scholar 

  39. Rogaway, P., Bellare, M., Black, J., Krovetz, T.: O.C.B: a block-cipher mode of operation for efficient authenticated encryption. In: CCS 2001, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, November 6–8, 2001, pp. 196–205 (2001)

    Google Scholar 

  40. Hongjun, W., Bart Preneel, A.: A fast authenticated encryption algorithm (v1). Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, March 2014

Download references

Author information

Authors and Affiliations

  1. Indraprashtha Institute of Information Technology, (IIIT-Delhi), Delhi, India

    Donghoon Chang, Amit Kumar Chauhan, Naina Gupta, Arpan Jati & Somitra Kumar Sanadhya

Authors
  1. Donghoon Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amit Kumar Chauhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Naina Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Arpan Jati
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Somitra Kumar Sanadhya
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Arpan Jati .

Editor information

Editors and Affiliations

  1. Universities of Paris 8 and Paris 13, LAGA, Paris, France

    Claude Carlet

  2. University of Waterloo, Waterloo, Ontario, Canada

    M. Anwar Hasan

  3. CRRao AIMSCS, Hyderabad, India

    Vishal Saraswat

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Chang, D., Chauhan, A.K., Gupta, N., Jati, A., Sanadhya, S.K. (2016). Exploiting the Leakage: Analysis of Some Authenticated Encryption Schemes. In: Carlet, C., Hasan, M., Saraswat, V. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2016. Lecture Notes in Computer Science(), vol 10076. Springer, Cham. https://doi.org/10.1007/978-3-319-49445-6_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49445-6_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49444-9

  • Online ISBN: 978-3-319-49445-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation