
SCARE and power attack on AES-like block ciphers with secret S-box

Research Article, Frontiers of Computer Science

Abstract

Despite Kerckhoffs's principle, secret ciphers with undisclosed components are still used for diplomatic or military purposes. Side-channel analysis for reverse engineering (SCARE) was developed to analyze such secret ciphers: by exploiting side-channel leakage, SCARE attacks recover secret parts of a cryptosystem, e.g., the substitution box (S-box) table. However, because most of these attacks rest on an idealized leakage assumption, they are limited in the prior knowledge or the implementations they require. In this paper, we focus on AES-like block ciphers with a secret S-box and demonstrate an attack that recovers both the secret key and the secret S-box. On the one hand, the key is recovered in a profiled setting by leakage analysis and a collision attack. On the other hand, the SCARE attack is based on mathematical analysis: it relies on the Hamming weight of the MixColumns intermediate results in the first round, from which the secret S-box can be restored. Experiments are performed on real power traces from a software implementation of an AES-like block cipher. Moreover, we evaluate the soundness and efficiency of our method by simulation and compare it with previous approaches. Our method has advantages in the location of the exploited intermediate results and in the number of traces required. For simulated traces with Gaussian noise, our method requires 100000 traces to fully restore the secret S-box, while the previous method requires nearly 300000 traces.
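The abstract names the leakage the method relies on: the Hamming weight of the first-round MixColumns outputs, which mixes four S-box outputs of one column through the AES circulant matrix. The following Python snippet is an added illustration of that leakage model, not code from the paper or its authors: it implements GF(2^8) arithmetic and MixColumns as in FIPS-197, generates a constructed random "secret" S-box (a hypothetical stand-in for the unknown table), and produces Hamming-weight leakage of both the SubBytes and MixColumns outputs for one column, with optional Gaussian noise as used in the paper's simulations. It assumes the four plaintext and key bytes passed in are the ones ShiftRows routes into that column, so ShiftRows itself is not modelled.

```python
import random

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the AES reduction polynomial


def xtime(b: int) -> int:
    """Multiply a byte by x in GF(2^8), reducing by the AES polynomial."""
    b <<= 1
    if b & 0x100:
        b ^= AES_POLY
    return b & 0xFF


def gmul(a: int, b: int) -> int:
    """General GF(2^8) multiplication by repeated xtime (shift-and-add)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = xtime(a)
        b >>= 1
    return r


def mix_column(col):
    """AES MixColumns on one 4-byte column: multiply by the circulant
    matrix [2 3 1 1; 1 2 3 1; 1 1 2 3; 3 1 1 2] over GF(2^8)."""
    s0, s1, s2, s3 = col
    return [
        gmul(s0, 2) ^ gmul(s1, 3) ^ s2 ^ s3,
        s0 ^ gmul(s1, 2) ^ gmul(s2, 3) ^ s3,
        s0 ^ s1 ^ gmul(s2, 2) ^ gmul(s3, 3),
        gmul(s0, 3) ^ s1 ^ s2 ^ gmul(s3, 2),
    ]


def hamming_weight(b: int) -> int:
    """Number of set bits: the classic power-consumption leakage model."""
    return bin(b & 0xFF).count("1")


def random_secret_sbox(seed: int):
    """Constructed stand-in for an unknown S-box: a random 8-bit permutation."""
    rng = random.Random(seed)
    sbox = list(range(256))
    rng.shuffle(sbox)
    return sbox


def first_round_column(pt_col, key_col, sbox):
    """AddRoundKey -> SubBytes -> MixColumns for one column in round one.
    Returns (SubBytes outputs, MixColumns outputs); each MixColumns byte
    is a GF(2^8)-linear combination of all four S-box outputs."""
    sub = [sbox[p ^ k] for p, k in zip(pt_col, key_col)]
    return sub, mix_column(sub)


def leakage(pt_col, key_col, sbox, sigma=0.0, rng=None):
    """Hamming-weight leakage of the SubBytes and MixColumns outputs for one
    column, optionally with additive Gaussian noise of std-dev `sigma`."""
    sub, mixed = first_round_column(pt_col, key_col, sbox)
    if sigma > 0:
        rng = rng or random.Random()
        noise = lambda: rng.gauss(0.0, sigma)
    else:
        noise = lambda: 0.0
    return ([hamming_weight(x) + noise() for x in sub],
            [hamming_weight(x) + noise() for x in mixed])


def simulate_traces(n, key_col, sbox, sigma, seed=1):
    """Generate n (plaintext column, noisy MixColumns leakage) pairs with
    uniformly random plaintext bytes; the kind of simulated traces used to
    evaluate how many measurements a given noise level demands."""
    rng = random.Random(seed)
    traces = []
    for _ in range(n):
        pt_col = [rng.randrange(256) for _ in range(4)]
        _, mix_leak = leakage(pt_col, key_col, sbox, sigma, rng)
        traces.append((pt_col, mix_leak))
    return traces


if __name__ == "__main__":
    # FIPS-197 MixColumns test vector: column d4 bf 5d 30 -> 04 66 81 e5
    print([hex(b) for b in mix_column([0xD4, 0xBF, 0x5D, 0x30])])
    secret = random_secret_sbox(seed=42)          # constructed secret S-box
    key_col = [0x2B, 0x7E, 0x15, 0x16]            # constructed key bytes
    for pt_col, leak in simulate_traces(3, key_col, secret, sigma=1.0):
        print(pt_col, [round(v, 2) for v in leak])
```

Each MixColumns output byte depends on four S-box entries at once, whereas a SubBytes output leaks only the weight of a single entry; that is the structural reason the abstract singles out the MixColumns intermediate as the better location, and the noise parameter is what a simulation sweeps to estimate the trace count needed at a given signal-to-noise ratio.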



Acknowledgements

This work was supported by the National Natural Science Foundation of China (Grant Nos. 61872040, U1836101, 61871037, 62002021), National Cryptography Development Fund (MMJJ20170201), and Beijing Natural Science Foundation (4202070).

Author information

Correspondence to Yaoling Ding.

Additional information

Xin Liu was born in 1995. He is studying for a master's degree at Beijing Institute of Technology, China. His research interests include side-channel attacks and cryptographic implementation.

An Wang was born in 1983. He received his PhD degree from Shandong University, China in 2011. From 2011 to 2015, he worked as a postdoctoral researcher at Tsinghua University. He currently works as an associate professor at Beijing Institute of Technology, China. His main research interests include side-channel analysis, embedded systems, and cryptographic implementation.

Liehuang Zhu is a professor in the Department of Computer Science at Beijing Institute of Technology, China. He was selected for the Program for New Century Excellent Talents in University of the Ministry of Education, China. His research interests include the Internet of Things, cloud computing security, and Internet and mobile security.

Yaoling Ding was born in 1987. She received her PhD degree from Tsinghua University, China in 2019. She currently holds a postdoctoral position at Beijing Institute of Technology, China. Her research interests include side-channel attack and cryptanalysis of block cipher.

Zeyuan Lyu was born in 1997. She is studying for a master's degree at Beijing Institute of Technology, China. Her research interests include side-channel attacks and cryptographic engineering.

Zongyue Wang was born in 1988. He received his PhD degree from Shandong University, China in 2015. He currently works at Open Security Research, China. His main research interests include side-channel analysis, cryptographic implementation, and mobile security.


Cite this article

Liu, X., Wang, A., Zhu, L. et al. SCARE and power attack on AES-like block ciphers with secret S-box. Front. Comput. Sci. 16, 164814 (2022). https://doi.org/10.1007/s11704-020-0319-z
