Abstract
The ongoing CAESAR competition, aimed at finding robust and secure authenticated encryption schemes provides many new submissions for analysis. We analyzed many schemes and came across a plenitude of techniques, design ideals and security notions. In view of the above, we present key recovery attacks using DPA for Deoxys, Joltik and ELmD, and a forgery attack on AEGIS. In our analysis of the various schemes, we found out that, schemes using Sponge constructions with pre-initialized keys such as Ascon, ICEPOLE, Keyak, NORX, PRIMATEs, etc. were significantly harder to attack than contemporary designs using standard building blocks from a side channel perspective. We also implement and demonstrate an attack on Joltik-BC, to recover the key in roughly 50–60 traces.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
CAESAR: Competition for authenticated encryption: Security, applicability, and robustness (2014). https://competitions.cr.yp.to/caesar-submissions.html
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side—channel(s). In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003). doi:10.1007/3-540-36400-5_4
Akkar, M.-L., Bevan, R., Dischamp, P., Moyart, D.: Power analysis, what is now possible. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 489–502. Springer, Heidelberg (2000). doi:10.1007/3-540-44448-3_38
Anderson, R.J.: Security Engineering - A Guide to Building Dependable Distributed Systems. Wiley, Hoboken (2001)
Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mendel, F., Mennink, B., Mouha, N., Wang, Q., Yasuda, K.: PRIMATEs v1.02. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, September 2014
Aumasson, J.-P., Jovanovic, P., Neves, S.: NORX v2.0. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Bay, A., Ersoy, O., KarakoÃğ, F.: Universal forgery and key recovery attacks on ELmD authenticated encryption algorithm. Cryptology ePrint Archive, Report 2016/640 (2016). http://eprint.iacr.org/2016/640
Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000). doi:10.1007/3-540-44448-3_41
Bellare, M., Rogaway, P., Wagner, D.: The EAX mode of operation. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 389–407. Springer, Heidelberg (2004). doi:10.1007/978-3-540-25937-4_25
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G., Van Keer, R.: Keyak v2. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997). doi:10.1007/BFb0052259
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997). doi:10.1007/3-540-69053-0_4
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Cryptographic Hardware, Embedded Systems - CHES(2011) Observation of strains: 6th International Workshop Cambridge, MA, USA, August 11–13, 2004. Proceedings, pp. 16–29 (2004)
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). doi:10.1007/3-540-36400-5_3
Coron, J.-S., Kocher, P., Naccache, D.: Statistics and secret leakage. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 157–173. Springer, Heidelberg (2001). doi:10.1007/3-540-45472-1_12
Daemen, J., Rijmen, V.: The Design of Rijndael. Springer-Verlag New York Inc., Secaucus (2002)
Datta, N., Nandi, M.: ELmD v2.0 specification. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: Quisquater, J.-J., Schneier, B. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 167–182. Springer, Heidelberg (2000). doi:10.1007/10721064_15
Dobraunig, C., Eichlseder, M., Korak, T., Lomne, V., Mendel, F.: Practical fault attacks on authenticated encryption modes for aes. Cryptology ePrint Archive, Report 2016/616, (2016). http://eprint.iacr.org/2016/616
Dobraunig, C., Eichlseder, M., Mendel, F., Schlaffer, M.: Ascon v1.1. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Dworkin, M.J.: Spp. 800–38c. Recommendation for block cipher modes of operation: The CCM mode for authentication and confidentiality. Technical report, Gaithersburg, MD, United States (2004)
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001). doi:10.1007/3-540-44709-1_21
Gligor, V.D., Donescu, P.: Fast encryption and authentication: XCBC encryption and XECB authentication modes. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 92–108. Springer, Heidelberg (2002). doi:10.1007/3-540-45473-X_8
Jean, J., Nikolic, I., Peyrin, T.: Deoxys v1.3. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Jean, J., Nikolic, I., Peyrin, T.: Joltik v1.3. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Jutla, C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 529–544. Springer, Heidelberg (2001). doi:10.1007/3-540-44987-6_32
Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Goos, G., Hartmanis, J., Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 284–299. Springer, Heidelberg (2001). doi:10.1007/3-540-44706-7_20
Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). doi:10.1007/3-540-68697-5_9
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). doi:10.1007/3-540-48405-1_25
Kohno, T., Viega, J., Whiting, D.: C.W.C.: A high-performance conventional authenticated encryption mode. In: Fast Software Encryption, 11th International Workshop, FSE 2004, Delhi, India, February 5–7, 2004, Revised Papers, pp. 408–426 (2004)
Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the 1st Workshop on Smartcard Technology, Smartcard 1999, Chicago, Illinois, USA, May 10–11, 1999 (1999)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)
Mayer-Sommer, R.: Smartly analyzing the simplicity and the power of simple power analysis on smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 78–92. Springer, Heidelberg (2000). doi:10.1007/3-540-44499-8_6
McGrew, D.A., Viega, J.: The security and performance of the galois/counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 343–355. Springer, Heidelberg (2004). doi:10.1007/978-3-540-30556-9_27
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power analysis attacks of modular exponentiation in smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999). doi:10.1007/3-540-48059-5_14
Morawiecki, P., Gaj, K., Homsirikamol, E., Matusiewicz, K., Pieprzyk, J., Rogawski7, M., Srebrny, M., Wojcik, M.: Icepole v2. Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, August 2015
Quisquater, J.-J., Samyde, D.: Electromagnetic analysis (EMA): measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001). doi:10.1007/3-540-45418-7_17
Rogaway, P.: Authenticated-encryption with associated-data. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, Washington, DC, USA, November 18–22, 2002, pp. 98–107 (2002)
Rogaway, P., Bellare, M., Black, J., Krovetz, T.: O.C.B: a block-cipher mode of operation for efficient authenticated encryption. In: CCS 2001, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, November 6–8, 2001, pp. 196–205 (2001)
Hongjun, W., Bart Preneel, A.: A fast authenticated encryption algorithm (v1). Submission to the CAESAR competition. https://competitions.cr.yp.to/caesar-submissions.html, March 2014
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Chang, D., Chauhan, A.K., Gupta, N., Jati, A., Sanadhya, S.K. (2016). Exploiting the Leakage: Analysis of Some Authenticated Encryption Schemes. In: Carlet, C., Hasan, M., Saraswat, V. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2016. Lecture Notes in Computer Science(), vol 10076. Springer, Cham. https://doi.org/10.1007/978-3-319-49445-6_22
Download citation
DOI: https://doi.org/10.1007/978-3-319-49445-6_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49444-9
Online ISBN: 978-3-319-49445-6
eBook Packages: Computer ScienceComputer Science (R0)