Towards Evaluating DPA Countermeasures for Keccak on a Real ASIC

  • Michael Muehlberghuber
  • Thomas Korak
  • Philipp Dunst
  • Michael Hutter
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9064)


We present Zorro, a taped-out ASIC hosting three distinct authenticated encryption architectures based on the SpongeWrap construction. All designs target resource-constrained environments such as smart cards or embedded devices and have therefore been protected against DPA attacks, with low area as the most important design goal. Each of the three architectures contains masking and hiding countermeasures; they differ solely in the implemented secret-sharing scheme. While the first design is based on a 3-share threshold implementation (TI), which does not fulfill the uniformity property, the other two make use of the 3-share approach with re-masking and the 4-share approach as proposed by Bilgin et al. Our smallest, provably first-order DPA-secure Keccak implementation requires only 14.5 kGE (less than half the size of related work) and includes both front-end and back-end design overheads. Moreover, we present first DPA results on the Zorro ASIC by comparing hiding and masking countermeasures. We were able to recover the cipher key from a masking-secured TI implementation based on three shares with about 70 000 power traces.
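The 3-share threshold implementation that the abstract says fails the uniformity property, as an added example that is not code from the paper or from the Keccak designers: the direct 3-share sharing of Keccak's χ on one 5-bit row following the formulas of Bertoni et al. [7], with exhaustive checks of correctness, non-completeness and uniformity, and a constructed witness sharing that exhibits the non-uniformity. The function names and the integer row encoding are this example's own.

```python
# Added example, not code from the paper: the direct 3-share TI of Keccak's chi
# step [7] on one 5-bit row, plus exhaustive checks of the TI properties.
from itertools import product

ROWS = range(32)  # a row is a 5-bit int; bit i holds lane x_i

def rotr(x, n):
    """5-bit rotate: bit i of the result is bit (i+n) mod 5 of x."""
    return ((x >> n) | (x << (5 - n))) & 0x1F

def chi(x):
    """Unshared chi on a row: x_i ^ (~x_{i+1} & x_{i+2})."""
    return x ^ (~rotr(x, 1) & rotr(x, 2))

def chi_3share(s):
    """Direct 3-share chi, s = (s1, s2, s3). Output share k is computed from
    input shares k+1 and k+2 only, so it never sees all three shares of a bit."""
    out = []
    for k in range(3):
        p, q = s[(k + 1) % 3], s[(k + 2) % 3]
        out.append(chi(p) ^ (rotr(p, 1) & rotr(q, 2)) ^ (rotr(q, 1) & rotr(p, 2)))
    return tuple(out)

def xor3(t):
    return t[0] ^ t[1] ^ t[2]

def is_correct():
    """Recombined output equals chi of the recombined input for all 2^15 sharings."""
    return all(xor3(chi_3share(s)) == chi(xor3(s)) for s in product(ROWS, repeat=3))

def is_non_complete():
    """Output share k does not change when input share k is replaced by zero."""
    return all(chi_3share(s[:k] + (0,) + s[k + 1:])[k] == chi_3share(s)[k]
               for s in product(ROWS, repeat=3) for k in range(3))

def output_sharings_per_input():
    """x -> distinct output sharings reached from x's 1024 input sharings (uniform: all 1024)."""
    seen = {x: set() for x in ROWS}
    for s in product(ROWS, repeat=3):
        seen[xor3(s)].add(chi_3share(s))
    return {x: len(outs) for x, outs in seen.items()}

def is_uniform():
    return all(n == 1024 for n in output_sharings_per_input().values())

# Constructed witness: this sharing of 0b01011 and its two cyclic rotations all
# give output sharing (1, 1, 1), so some other sharing of chi(0b01011) = 1 is missed.
WITNESS = (0b10001, 0b11011, 0b00001)

if __name__ == "__main__":
    print("correct:", is_correct(), "non-complete:", is_non_complete(),
          "uniform:", is_uniform(), "witness ->", chi_3share(WITNESS))
```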


Keywords: Duplex construction, SpongeWrap, Threshold implementation, Side-channel attacks, DPA, Low-area hardware, ASIC



This work has been supported in part by the Swiss Commission for Technology and Innovation (CTI) under project number 13044.1 PFES-ES and in part by the European Commission through the FP7 program under project number 610436 (project MATTHEW) and by the Austrian Research Promotion Agency (FFG) and the Styrian Business Promotion Agency (SFG) under grant number 836628 (SeCoS). Moreover, we would like to thank the people from the Microelectronics Design Center of ETH Zurich for their support during the backend design of the ASIC. We also want to thank Svetla Nikova and Joan Daemen for their comments on the pre-print version of the paper.


  1. CAESAR: Competition for Authenticated Encryption: Security, Applicability, and Robustness, March 2013
  2. Bertoni, G., Daemen, J., Debande, N., Le, T.-H., Peeters, M., Van Assche, G.: Power analysis of hardware implementations protected with secret sharing. Cryptology ePrint Archive, Report 2013/067, February 2013
  3. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 320–337. Springer, Heidelberg (2012)
  4. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G., Van Keer, R.: Keccak Implementation Overview, Version 3.2, May 2012
  5. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Sponge functions. In: ECRYPT Hash Workshop, Barcelona, Spain, 24–25 May 2007
  6. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak specifications, Version 2, 10 September 2009
  7. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Building power analysis resistant implementations of Keccak. In: 2nd SHA-3 Candidate Conference (2010)
  8. Bilgin, B., Daemen, J., Nikov, V., Nikova, S., Rijmen, V., Van Assche, G.: Efficient and first-order DPA resistant implementations of Keccak. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 187–199. Springer, Heidelberg (2014)
  9. Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: the insecurity of 802.11. In: Naghshineh, M., Zorzi, M. (eds.) MobiCom 2001, pp. 180–189. ACM (2001)
  10. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)
  11. Canvel, B., Hiltgen, A.P., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)
  12. Gérard, B., Grosso, V., Naya-Plasencia, M., Standaert, F.-X.: Block ciphers that are easier to mask: how far can we go? In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 383–399. Springer, Heidelberg (2013)
  13. Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation. In: NIST Non-Invasive Attack Testing Workshop (2011)
  14. Kavun, E.B., Yalcin, T.: A lightweight implementation of Keccak hash function for radio-frequency identification applications. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 258–269. Springer, Heidelberg (2010)
  15. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
  16. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, New York (2007). ISBN 978-0-387-30857-9
  17. Nikova, S., Rijmen, V., Schläffer, M.: Secure hardware implementation of non-linear functions in the presence of glitches. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 218–234. Springer, Heidelberg (2009)
  18. Nikova, S., Rijmen, V., Schläffer, M.: Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptology 24(2), 292–321 (2011)
  19. NIST: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions (DRAFT FIPS PUB 202), May 2014
  20. Pessl, P., Hutter, M.: Pushing the limits of SHA-3 hardware implementations to fit on RFID. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 126–141. Springer, Heidelberg (2013)
  21. Prouff, E., Rivain, M., Bévan, R.: Statistical analysis of second order differential power analysis. IEEE Trans. Comput. 58(6), 799–811 (2009)

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Michael Muehlberghuber (1)
  • Thomas Korak (2)
  • Philipp Dunst (2)
  • Michael Hutter (3)
  1. Integrated Systems Laboratory (IIS), ETH Zurich, Zurich, Switzerland
  2. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz, Austria
  3. Cryptography Research, San Francisco, USA
