A Complete Tolerant Algebraic Side-Channel Attack for AES with CP

  • Fanghui Liu
  • Waldemar Cruz
  • Laurent MichelEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11008)


Tolerant Algebraic Side-Channel Attack (TASCA) is a combination of algebraic and side-channel analysis with error tolerance. Oren et al., used mathematical programming to implement TASCA over a round-limited version of AES. In [7], Liu et al. revisited their results and introduced a TASCA-CP model that delivers solutions to this 1-round relaxation with orders of magnitude improvement in both solving time and memory consumption.

This paper extends the result and considers TASCA for the full 10-rounds AES algorithm. Two approaches are introduced: staged and integrated. The staged approach uses TASCA-CP as a spring board to enumerate and check its candidate solutions against the requirements of subsequent rounds. The integrated model formulates all the rounds of AES together with side-channel constraints on all rounds within a single unified optimization model. Empirical results shows both approaches are suitable to find the correct key of AES while the integrated model dominates the staged both in simplicity and solving time.


Algebraic side-channel attack AES Cryptography Block cipher Constraint programming Optimization 


  1. 1.
    Beierle, C., et al.: The skinny family of block ciphers and its low-latency variant mantis. Cryptology ePrint Archive, Report 2016/660 (2016).
  2. 2.
    Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). Scholar
  3. 3.
    Gérault, D., Lafourcade, P., Minier, M., Solnon, C.: Revisiting AES related-key differential attacks with constraint programming. IACR Cryptology ePrint Archive 2017, 139 (2017).
  4. 4.
    Gerault, D., Minier, M., Solnon, C.: Constraint programming models for chosen key differential cryptanalysis. In: Rueher, M. (ed.) CP 2016. LNCS, vol. 9892, pp. 584–601. Springer, Cham (2016). Scholar
  5. 5.
    Gerault, D., Minier, M., Solnon, C.: Using constraint programming to solve a cryptanalytic problem. In: Sierra, C. (ed.) Proceedings of the Twenty-Sixth International Joint Conference on Artificial Intelligence, IJCAI 2017, Melbourne, Australia, 19–25 August 2017, pp. 4844–4848. (2017).
  6. 6.
    Harvey, W.D., Ginsberg, M.L.: Limited discrepancy search. In: Proceedings of the 14th International Joint Conference on Artificial Intelligence, IJCAI 1995, vol. 1, pp. 607–613. Morgan Kaufmann Publishers Inc., San Francisco (1995).
  7. 7.
    Liu, F., Cruz, W., Ma, C., Johnson, G., Michel, L.: A tolerant algebraic side-channel attack on AES using CP. In: Beck, J.C. (ed.) CP 2017. LNCS, vol. 10416, pp. 189–205. Springer, Cham (2017). Scholar
  8. 8.
    Michel, L.D., Van Hentenryck, P.: Constraint satisfaction over bit-vectors. In: Milano, M. (ed.) CP 2012. LNCS, pp. 527–543. Springer, Heidelberg (2012). Scholar
  9. 9.
    Michel, L., Van Hentenryck, P.: A microkernel architecture for constraint programming. Constraints 22(2), 107–151 (2017). Scholar
  10. 10.
    Michel, L., See, A., Van Hentenryck, P.: Transparent parallelization of constraint programming. INFORMS J. Comput. 21(3), 363–382 (2009). Scholar
  11. 11.
    Mister, S., Adams, C.: Practical S-box design. In: Selected Areas in Cryptography (1996)Google Scholar
  12. 12.
    Mohamed, M.S.E., Bulygin, S., Zohner, M., Heuser, A., Walter, M., Buchmann, J.: Improved algebraic side-channel attack on AES. J. Cryptographic Eng. 3(3), 139–156 (2013). Scholar
  13. 13.
    NIST: Federal information processing standards publication (FIPS 197). Advanced Encryption Standard (AES) (2001)Google Scholar
  14. 14.
    Oren, Y., Kirschbaum, M., Popp, T., Wool, A.: Algebraic side-channel analysis in the presence of errors. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 428–442. Springer, Heidelberg (2010). Scholar
  15. 15.
    Oren, Y., Renauld, M., Standaert, F.-X., Wool, A.: Algebraic side-channel attacks beyond the hamming weight leakage model. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 140–154. Springer, Heidelberg (2012). Scholar
  16. 16.
    Oren, Y., Wool, A.: Tolerant algebraic side-channel analysis of AES. IACR Cryptology ePrint Archive, Report 2012/092 (2012).
  17. 17.
    Oren, Y., Wool, A.: Side-channel cryptographic attacks using pseudo-boolean optimization. Constraints 21(4), 616–645 (2016). Scholar
  18. 18.
    Ramamoorthy, V., Silaghi, M.C., Matsui, T., Hirayama, K., Yokoo, M.: The design of cryptographic S-Boxes using CSPs. In: Lee, J. (ed.) CP 2011. LNCS, vol. 6876, pp. 54–68. Springer, Heidelberg (2011). Scholar
  19. 19.
    Renauld, M., Standaert, F.-X.: Algebraic side-channel attacks. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 393–410. Springer, Heidelberg (2010). Scholar
  20. 20.
    Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N.: Algebraic side-channel attacks on the AES: why time also matters in DPA. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 97–111. Springer, Heidelberg (2009). Scholar
  21. 21.
    Sun, S., et al.: Analysis of AES, skinny, and others with constraint programming. IACR Trans. Symmetric Cryptol. 2017(1), 281–306 (2017).

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Computer Science and Engineering Department, School of EngineeringUniversity of ConnecticutStorrsUSA

Personalised recommendations