On Physical Obfuscation of Cryptographic Algorithms

  • Julien Bringer
  • Hervé Chabanne
  • Thomas Icart
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5922)


We describe a solution for physically obfuscating the representation of a cipher, to augment chips resistance against physical threats, by combining ideas from masking techniques and Physical Obfuscated Keys (POKs). With embedded chips – like RFID tags – as main motivation, we apply this strategy to the representation of a Linear Feedback Shift Register (LFSR).

The application of this technique to LFSR-based stream ciphers, such as the Self Shrinking Generator, enables to share key materials between several chips within a system while increasing the resistance of the system against compromise of chips. An extension of our ideas to non-linear ciphers is also presented with an illustration onto Trivium.


RFID tags POK PUF masking stream ciphers 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak specifications. Submission to NIST (2008)Google Scholar
  2. 2.
    Bertoni, G., Daemen, J., Assche, G.V., Peeters, M.: Radiogatún, a belt-and-mill hash function. NIST - Second Cryptographic Hash Workshop, August 24-25 (2006)Google Scholar
  3. 3.
    Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004)Google Scholar
  4. 4.
    Briceno, M., Goldberg, I., Wagner, D.: A pedagogical implementation of A5/1 (1999),
  5. 5.
    Bringer, J., Chabanne, H.: Trusted-HB: A low-cost version of HB +  secure against man-in-the-middle attacks. IEEE Transactions on Information Theory 54(9), 4339–4342 (2008)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Bringer, J., Chabanne, H., Dottax, E.: HB + + : a lightweight authentication protocol secure against some attacks. In: SecPerU, pp. 28–33. IEEE Computer Society, Los Alamitos (2006)Google Scholar
  7. 7.
    Bringer, J., Chabanne, H., Icart, T.: Improved privacy of the tree-based hash protocols using physically unclonable function. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 77–91. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    De Cannière, C., Preneel, B.: Trivium specifications. eSTREAM, ECRYPT Stream Cipher Project (2005)Google Scholar
  9. 9.
    De Cannière, C., Preneel, B.: Trivium - a stream cipher construction inspired by block cipher design principles. In: eSTREAM, ECRYPT Stream Cipher Project (2006)Google Scholar
  10. 10.
    Coppersmith, D., Krawczyk, H., Mansour, Y.: The shrinking generator. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 22–39. Springer, Heidelberg (1994)Google Scholar
  11. 11.
    Dolev, S., Kopeetsky, M., Shamir, A.: RFID authentication efficient proactive information security within computational security. Technical Report 08-2007, Department of Computer Science, Ben-Gurion University (July 2007)Google Scholar
  12. 12.
    Duc, D.N., Kim, K.: Securing HB+ against GRS man-in-the-middle attack. In: Proceedings of the Symposium on Cryptography and Information Security (SCIS 2007) (2007)Google Scholar
  13. 13.
    Frumkin, D., Shamir, A.: Un-trusted-HB: Security vulnerabilities of trusted-HB. Cryptology ePrint Archive, Report 2009/044 (2009),
  14. 14.
    Gassend, B.: Physical random functions. Master’s thesis, Computation Structures Group, Computer Science and Artificial Intelligence Laboratory. MIT (2003)Google Scholar
  15. 15.
    Gassend, B., Clarke, D.E., van Dijk, M., Devadas, S.: Silicon physical random functions. In: Atluri, V. (ed.) ACM Conference on Computer and Communications Security, pp. 148–160. ACM, New York (2002)Google Scholar
  16. 16.
    Gilbert, H., Robshaw, M., Seurin, Y.: HB#: Increasing the security and efficiency of HB + . In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  17. 17.
    Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: FPGA Intrinsic PUFs and Their Use for IP Protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    Günther, C.G.: Alternating step generators controlled by de bruijn sequences. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 5–14. Springer, Heidelberg (1988)Google Scholar
  19. 19.
    Hammouri, G., Öztürk, E., Birand, B., Sunar, B.: Unclonable lightweight authentication scheme. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 33–48. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  20. 20.
    Hammouri, G., Sunar, B.: Puf-hb: A tamper-resilient hb based authentication protocol. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 346–365. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  21. 21.
    Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  22. 22.
    Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)Google Scholar
  23. 23.
    Krawczyk, H.: LFSR-based Hashing and Authentication. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 129–139. Springer, Heidelberg (1994)Google Scholar
  24. 24.
    Lee, D.H., Park, J.H., Han, J.W.: Security analysis of a variant of self-shrinking generator. IEICE Transactions 91-A(7), 1824–1827 (2008)CrossRefGoogle Scholar
  25. 25.
    Lihua, D., Yupu, H.: Weak generalized self-shrinking generators. Journal of Systems Engineering and Electronics 18(2), 407–411 (2007)CrossRefGoogle Scholar
  26. 26.
    MacWilliams, F., Sloane, N.: The theory of error-correcting codes, ch. 9. North-Holland, Amsterdam (1977)zbMATHGoogle Scholar
  27. 27.
    Meier, W., Staffelbach, O.: The self-shrinking generator. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 205–214. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  28. 28.
    Munilla, J., Peinado, A.: HB-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks 51(9), 2262–2267 (2007)zbMATHCrossRefGoogle Scholar
  29. 29.
    Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A side-channel analysis resistant description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005)Google Scholar
  30. 30.
    Piramuthu, S., Tu, Y.-J.: Modified HB authentication protocol. In: Western European Workshop on Research in Cryptology, WEWoRC (2007)Google Scholar
  31. 31.
    Shamir, A.: How to share a secret. ACM Commun. 22(11), 612–613 (1979)zbMATHCrossRefMathSciNetGoogle Scholar
  32. 32.
    Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: DAC, pp. 9–14. IEEE, Los Alamitos (2007)CrossRefGoogle Scholar
  33. 33.
    Thomas, S., Anthony, D., Berson, T., Gong, G.: The W7 stream cipher algorithm. Internet Draft, April 2002 (2002)Google Scholar
  34. 34.
    Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Julien Bringer
    • 1
  • Hervé Chabanne
    • 1
    • 2
  • Thomas Icart
    • 1
    • 3
  1. 1.Sagem Sécurité 
  2. 2.Télécom ParisTech 
  3. 3.Université du Luxembourg 

Personalised recommendations