
Two Power Analysis Attacks against One-Mask Methods

  • Mehdi-Laurent Akkar
  • Régis Bévan
  • Louis Goubin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3017)

Abstract

In order to protect a cryptographic algorithm against Power Analysis attacks, a well-known method consists in hiding all the internal data with randomly chosen masks.

Following this idea, an AES implementation can be protected against Differential Power Analysis (DPA) by the “Transformed Masking Method”, proposed by Akkar and Giraud at CHES’2001, which requires two distinct masks. At CHES’2002, Trichina, De Seta and Germani suggested the use of a single mask to improve the performance of the protected implementation. We show here that their countermeasure can still be defeated by standard first-order DPA techniques.

In another direction, Akkar and Goubin introduced at FSE’2003 a new countermeasure for protecting secret-key cryptographic algorithms against high-order differential power analysis (HO-DPA). As a particular case, the “Unique Masking Method” is particularly well suited to the protection of DES implementations. However, we prove in this paper that this method is not sufficient, by exhibiting a (first-order) enhanced differential power analysis attack. We also show how to avoid this new attack.
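As an added illustration (not code from the paper), the following Python simulation shows the property that all the masking schemes above rely on: the power-model leakage of an unmasked S-box output correlates with the secret-dependent value, whereas a freshly Boolean-masked output shows no first-order correlation. The 4-bit S-box, the key nibble, the Hamming-weight leakage model and the optional noise are constructed assumptions for the toy model.

```python
import random

# Constructed 4-bit S-box (the PRESENT S-box), used only as a toy stand-in
# for an AES/DES S-box so that the tables stay tiny.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def hw(x: int) -> int:
    """Hamming weight: the usual first-order power-consumption model."""
    return bin(x).count("1")

def unmasked_sbox(x: int, k: int) -> int:
    """Unprotected lookup: the device handles S(x ^ k) in the clear."""
    return SBOX[x ^ k]

def masked_sbox(x: int, k: int, rng: random.Random) -> int:
    """Boolean masking with a fresh input mask r and output mask r_out.
    The recomputed table satisfies T[v ^ r] = S(v) ^ r_out, so the device
    only ever handles S(x ^ k) ^ r_out, never S(x ^ k) itself."""
    r, r_out = rng.randrange(16), rng.randrange(16)
    table = [SBOX[v ^ r] ^ r_out for v in range(16)]
    return table[(x ^ k) ^ r]          # == SBOX[x ^ k] ^ r_out

def pearson(a, b) -> float:
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((p - ma) * (q - mb) for p, q in zip(a, b))
    va = sum((p - ma) ** 2 for p in a)
    vb = sum((q - mb) ** 2 for q in b)
    return cov / (va * vb) ** 0.5 if va and vb else 0.0

def first_order_leakage(masked: bool, key: int = 0x9, n: int = 4000,
                        noise: float = 0.0, seed: int = 1) -> float:
    """Leakage assessment: correlate the simulated trace sample (HW of the
    value the device handles, plus Gaussian noise) against the HW of the
    sensitive intermediate S(x ^ key) over n random inputs."""
    rng = random.Random(seed)
    observed, sensitive = [], []
    for _ in range(n):
        x = rng.randrange(16)
        handled = masked_sbox(x, key, rng) if masked else unmasked_sbox(x, key)
        observed.append(hw(handled) + rng.gauss(0.0, noise))
        sensitive.append(hw(SBOX[x ^ key]))
    return pearson(observed, sensitive)

if __name__ == "__main__":
    print("unmasked correlation:", round(first_order_leakage(False), 3))
    print("masked   correlation:", round(first_order_leakage(True), 3))
```

With a fresh mask per operation the masked correlation sits near zero for every key hypothesis, which is exactly the guarantee a first-order countermeasure is meant to provide and the one the paper shows the single-mask variants fail to keep.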

Keywords

Tamper-resistant devices, Side-channel attacks, Power Analysis, DPA, Transformed Masking Method, Unique Masking Method, DES, AES

References

  1. Akkar, M.-L., Goubin, L.: A Generic Protection against High-Order Differential Power Analysis. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 192–205. Springer, Heidelberg (2003)
  2. Akkar, M.-L., Bevan, R., Dischamp, P., Moyart, D.: Power Analysis: What is now Possible. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 489–502. Springer, Heidelberg (2000)
  3. Akkar, M.-L., Giraud, C.: An Implementation of DES and AES Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)
  4. Biham, E., Shamir, A.: Power Analysis of the Key Scheduling of the AES Candidates. In: Proceedings of the Second Advanced Encryption Standard (AES) Candidate Conference (March 1999). Available from http://csrc.nist.gov/encryption/aes/round1/Conf2/aes2conf.htm
  5. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: A Cautionary Note Regarding Evaluation of AES Candidates on Smart-Cards. In: Proceedings of the Second Advanced Encryption Standard (AES) Candidate Conference (March 1999). Available from http://csrc.nist.gov/encryption/aes/round1/Conf2/aes2conf.htm
  6. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)
  7. Coron, J.-S.: Resistance Against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)
  8. Daemen, J., Rijmen, V.: Resistance Against Implementation Attacks: A Comparative Study of the AES Proposals. In: Proceedings of the Second Advanced Encryption Standard (AES) Candidate Conference (March 1999). Available from http://csrc.nist.gov/encryption/aes/round1/Conf2/aes2conf.htm
  9. Daemen, J., Peters, M., Van Assche, G.: Bitslice Ciphers and Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, p. 134. Springer, Heidelberg (2000)
  10. Goubin, L.: A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199–211. Springer, Heidelberg (2003)
  11. Goubin, L., Patarin, J.: Procédé de sécurisation d’un ensemble électronique de cryptographie à clé secrète contre les attaques par analyse physique. European Patent, Bull CP8, February 4 (1999). Publication Number: 2789535
  12. Goubin, L., Patarin, J.: DES and Differential Power Analysis – The Duplication Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)
  13. Kocher, P., Jaffe, J., Jun, B.: Introduction to Differential Power Analysis and Related Attacks. Technical Report, Cryptography Research Inc. (1998). Available from http://www.cryptography.com/dpa/technical/index.html
  14. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
  15. Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)
  16. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Investigations of Power Analysis Attacks on Smartcards. In: Proceedings of the USENIX Workshop on Smartcard Technology, pp. 151–161 (May 1999). Available from http://www.eecs.uic.edu/~tmesserg/papers.html
  17. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power Analysis Attacks of Modular Exponentiation in Smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999)
  18. Mironov, I.: (Not So) Random Shuffles of RC4. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 304–319. Springer, Heidelberg (2002)
  19. Okeya, K., Sakurai, K.: Power Analysis Breaks Elliptic Curve Cryptosystem even Secure against the Timing Attack. In: Roy, B., Okamoto, E. (eds.) INDOCRYPT 2000. LNCS, vol. 1977, pp. 178–190. Springer, Heidelberg (2000)
  20. Trichina, E., De Seta, D., Germani, L.: Simplified Adaptive Multiplicative Masking for AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 187–197. Springer, Heidelberg (2002)

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Mehdi-Laurent Akkar (1)
  • Régis Bévan (2)
  • Louis Goubin (3)
  1. Texas Instruments, Villeneuve-Loubet Cedex, France
  2. Oberthur Card Systems, Puteaux, France
  3. Axalto Cryptography Research & Advanced Security, Louveciennes Cedex, France
