
Journal of Cryptographic Engineering, Volume 2, Issue 2, pp 129–141

Protecting AES against side-channel analysis using wire-tap codes

Regular Paper

Abstract

We introduce a general protection of data against side-channel analysis (SCA) based on wire-tap codes. In this paper we focus on an application to the AES cipher. We analyse the behaviour of our countermeasure against different kinds of SCA. Our results show that this protection is an excellent alternative to classical masking methods, as it comes with the secrecy property of wire-tap coding and with practical resistance against first- and second-order DPA. Moreover, we point out that it brings two novel features: the possibility to unmask without knowledge of the mask, and the capability to detect some faults.
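The coset-coding principle behind the countermeasure, as an added example that is not the paper's code: a data value selects a coset of a small linear "mask" code C, and the stored word is a random element of that coset. Decoding maps every element of the coset back to the same value, so the random part (the mask) never has to be known, and a word that falls outside the subspace of valid words reveals a fault. The parameters below (8-bit words, 4 data bits, 2 mask bits, all basis rows of even weight) are a toy choice of mine, not the paper's code, and the example says nothing about how the AES S-box layer is handled on coded data; it only demonstrates the encode, mask-free decode, linear (XOR) operation and fault-detection properties that the abstract names.

```python
import secrets

# Toy wire-tap (coset) coding over GF(2); words are 8-bit Python ints.
# G_MASK spans the "mask" subcode C (2 random bits); G_MSG holds one coset
# representative per data bit (4 data bits).  These rows are an illustrative
# choice, not the parameters of the paper.  Every row has even weight, so every
# valid word has even weight and any single-bit fault leaves the valid subspace.
N_BITS = 8
G_MASK = [0xF0, 0x0F]               # basis of C; every bit position is touched
G_MSG = [0xC0, 0x60, 0x0C, 0x06]    # independent of C and of each other
BASIS = G_MASK + G_MSG              # basis of the subspace D of valid words


def coordinates(basis, x):
    """Express x as an XOR of basis vectors.

    Returns a bitmask t with bit i set when basis[i] is used, or None when x is
    not in span(basis).  Gaussian elimination over GF(2) on int-encoded vectors.
    """
    pivots = []                     # (pivot bit, reduced vector, combination tag)
    for i, v in enumerate(basis):
        tag = 1 << i
        for pb, pv, pt in pivots:
            if v & pb:
                v ^= pv
                tag ^= pt
        if v == 0:
            raise ValueError("basis vectors are not linearly independent")
        pivots.append((v & -v, v, tag))   # lowest set bit becomes the pivot
    tag = 0
    for pb, pv, pt in pivots:
        if x & pb:
            x ^= pv
            tag ^= pt
    return None if x else tag


def encode(msg, rnd=None):
    """Encode a 4-bit value as a random element of its coset of C."""
    if not 0 <= msg < 1 << len(G_MSG):
        raise ValueError("message out of range")
    if rnd is None:
        rnd = secrets.randbits(len(G_MASK))     # the mask; never stored
    x = 0
    for i, row in enumerate(G_MSG):
        if msg >> i & 1:
            x ^= row
    for j, row in enumerate(G_MASK):
        if rnd >> j & 1:
            x ^= row
    return x


def decode(x):
    """Recover the value from any element of its coset; None signals a fault.

    The mask coefficients are computed and discarded: the decoder never needs
    to know which random element of the coset was chosen.
    """
    t = coordinates(BASIS, x)
    if t is None:
        return None                 # word outside D: fault detected
    return t >> len(G_MASK)         # drop the mask coefficients


def bit_is_balanced(msg, pos):
    """True if bit `pos` of the coded word is 1 for exactly half of the masks."""
    ones = sum(encode(msg, r) >> pos & 1 for r in range(1 << len(G_MASK)))
    return ones * 2 == 1 << len(G_MASK)


def detects_all_single_bit_faults():
    """True if flipping any one bit of any valid word is caught by decode()."""
    for msg in range(1 << len(G_MSG)):
        for r in range(1 << len(G_MASK)):
            x = encode(msg, r)
            if any(decode(x ^ (1 << b)) is not None for b in range(N_BITS)):
                return False
    return True


if __name__ == "__main__":
    a, b = 0b1011, 0b0110
    xa, xb = encode(a), encode(b)
    print(f"encode({a:04b}) = {xa:08b}, decode -> {decode(xa):04b}")
    # XOR (e.g. AddRoundKey) works directly on coded words, masks included:
    print(f"decode(xa ^ xb) = {decode(xa ^ xb):04b}, expected {a ^ b:04b}")
    print("all single-bit faults detected:", detects_all_single_bit_faults())
    # A fault equal to a coset representative is NOT detected: the result is
    # a valid word of another coset, so only some faults are caught.
    print(f"fault 0xC0 decodes to {decode(xa ^ 0xC0):04b} (undetected)")
```

The decoder solves a fixed linear system, so its cost does not depend on the data; the per-bit balance check is the simplest sanity test for first-order leakage of the coded word, and the single-bit fault check shows what "some faults" means for this toy code: errors that are themselves valid words of D slip through.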

Keywords

Side channel analysis, Wire-tap codes, AES cipher



Copyright information

© Springer-Verlag 2012

Authors and Affiliations

  • Julien Bringer (1)
  • Hervé Chabanne (1, 2)
  • Thanh Ha Le (1)

  1. Morpho, Issy-Les-Moulineaux, Paris, France
  2. Télécom ParisTech, Paris, France
