Advertisement

Unknown Plaintext Template Attacks

  • Neil Hanley
  • Michael Tunstall
  • William P. Marnane
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5932)

Abstract

In this paper we present a variation of the template attack classification process that can be applied to block ciphers when the plaintext and ciphertext used are unknown. In a naïve implementation this attack can be applied to any round of a block cipher. We also show that when a block cipher is implemented with the masking countermeasure a similar attack can be applied to the first round of the cipher. We demonstrate that the attack works in practice by applying it to implementations of AES on 8051 and ARM7 microprocessors. We also demonstrate that the attack can be applied to implementations of block ciphers that use the masking countermeasure when three points are selected from which templates are constructed, or two points if the plaintext can be guessed.

Keywords

block ciphers side channel attack power analysis template attack 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Agrawal, D., Rao, J.R., Rohatgi, P.: Multi-channel attacks. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 2–16. Springer, Heidelberg (2003)Google Scholar
  2. 2.
    Agrawal, D., Rao, J.R., Rohatgi, P., Schramm, K.: Templates as master keys. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 15–29. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Akkar, M.-L., Bévan, R., Goubin, L.: Two power analysis attacks against one-mask methods. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 332–347. Springer, Heidelberg (2004)Google Scholar
  4. 4.
    Akkar, M.-L., Goubin, L.: A generic protection against high-order differential power analysis. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 192–205. Springer, Heidelberg (2003)Google Scholar
  5. 5.
    Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template attacks in principal subspaces. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 1–14. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    ARM Limited. ARM7TDMI technical reference manual (revision r4p1). ARM Doc No. DDI 0210, Issue C (2004), http://infocenter.arm.com/help/topic/com.arm.doc.ddi0210c/DDI0210B.pdf
  7. 7.
    Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)Google Scholar
  8. 8.
    Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Dworkin, M.: Recommendation for Block Cipher Modes of Operation: Methods and Techniques. National Institute of Standards and Technology (December 2001)Google Scholar
  10. 10.
    Fahn, P.N., Pearson, P.K.: Ipa: A new class of power attacks. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 725–726. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  11. 11.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Handschuh, H., Preneel, B.: Blind differential cryptanalysis for enhanced power analysis. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 163–173. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Jaffe, J.: A first-order DPA attack against AES in counter mode with unknown initial counter. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 1–13. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Jolliffe, I.T.: Principal Component Analysis, 2nd edn. Springer Series in Statistics. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  15. 15.
    Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  16. 16.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  17. 17.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks — Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)zbMATHGoogle Scholar
  18. 18.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)zbMATHGoogle Scholar
  19. 19.
    National Institute of Standards and Technology. Advanced Encryption Standard (AES), FIPS–197 (2001)Google Scholar
  20. 20.
    Oswald, E., Mangard, S.: Template attacks on masking — resistance is futile. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 243–256. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  21. 21.
    Rechberger, C., Oswald, E.: Practical template attacks. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 440–456. Springer, Heidelberg (2005)Google Scholar
  22. 22.
    Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411–425. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Neil Hanley
    • 1
  • Michael Tunstall
    • 2
  • William P. Marnane
    • 1
  1. 1.Department of Electrical and Electronic EngineeringUniversity College CorkIreland
  2. 2.Department of Computer ScienceUniversity of Bristol, Merchant Venturers BuildingBristolUnited Kingdom

Personalised recommendations