Leakage Resilient Cryptography in Practice

  • François-Xavier Standaert
  • Olivier Pereira
  • Yu Yu
  • Jean-Jacques Quisquater
  • Moti Yung
  • Elisabeth Oswald
Chapter
Part of the Information Security and Cryptography book series (ISC)

Abstract

Theoretical treatments of physical attacks have recently attracted the attention of the cryptographic community, as witnessed by various publications, e.g., [1, 17, 22, 24, 29, 31, 33, 34, 42]. These works consider adversaries enhanced with abilities such as inserting faults during a computation or monitoring side-channel leakages.

Keywords

Block Cipher, Random Oracle, Stream Cipher, Target Device, Cryptographic Primitive

References

  1. A. Akavia, S. Goldwasser, V. Vaikuntanathan, Simultaneous Hardcore Bits and Cryptography Against Memory Attacks. Proceedings of TCC 2009, San Francisco, CA, USA. Lecture Notes in Computer Science, vol. 5444 (Springer, Berlin, Heidelberg, Mar 2009), pp. 474–495
  2. M.L. Akkar, R. Bévan, P. Dischamp, D. Moyart, Power Analysis, What Is Now Possible... Proceedings of ASIACRYPT 2001, Kyoto, Japan. Lecture Notes in Computer Science, vol. 1976 (Springer, Berlin, Heidelberg, New York, Dec 2001), pp. 489–502
  3. R. Anderson, M. Kuhn, Tamper Resistance - A Cautionary Note. USENIX Workshop on Electronic Commerce, Oakland, CA, USA, Nov 1996, pp. 1–11
  4. M. Bellare, A. Desai, E. Jokipii, P. Rogaway, A Concrete Security Treatment of Symmetric Encryption. Proceedings of FOCS 1997, Miami, FL, USA, Oct 1997, pp. 394–403
  5. M. Bellare, B. Yee, Forward-Security in Private-Key Cryptography. Proceedings of CT-RSA 03, San Francisco, CA, USA. Lecture Notes in Computer Science, vol. 2612 (Springer, Heidelberg, Apr 2003), pp. 1–18
  6. M. Blum, S. Micali, How to Generate Cryptographically Strong Sequences of Pseudo-Random Bits. SIAM J. Comput. 13(4), 850–863 (1984)
  7. C. Cachin, Entropy Measures and Unconditional Security in Cryptography. Ph.D. thesis, ETH Dissertation no. 12187, 1997
  8. S. Chari, C.S. Jutla, J.R. Rao, P. Rohatgi, Towards Sound Approaches to Counteract Power-Analysis Attacks. Proceedings of CRYPTO 1999, Santa Barbara, CA, USA. Lecture Notes in Computer Science, vol. 1666 (Springer, Berlin, Heidelberg, New York, Aug 1999), pp. 398–412
  9. J. Daemen, V. Rijmen, The Wide Trail Design Strategy. Proceedings of Cryptography and Coding, 8th IMA International Conference, Cirencester, UK. Lecture Notes in Computer Science, vol. 2260 (Springer, Berlin, Dec 2001), pp. 222–238
  10. Y. Dodis, Y. Tauman Kalai, S. Lovett, On Cryptography with Auxiliary Input. Proceedings of STOC 2009, Bethesda, Maryland, USA, June 2009, pp. 621–630
  11. Télécom ParisTech, The DPA Contest, http://www.dpacontest.org/
  12. S. Dziembowski, K. Pietrzak, Leakage-Resilient Cryptography. Proceedings of FOCS 2008, Washington, DC, USA, Oct 2008, pp. 293–302
  13. T. Eisenbarth, T. Kasper, A. Moradi, C. Paar, M. Salmasizadeh, M.T. Manzuri Shalmani, On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme. Proceedings of CRYPTO 2008, Santa Barbara, CA, USA. Lecture Notes in Computer Science, vol. 5157 (Springer, Berlin, Heidelberg, Aug 2008), pp. 203–220
  14. ECRYPT Network of Excellence in Cryptology, The Side-Channel Cryptanalysis Lounge, http://www.crypto.ruhr-uni-bochum.de/ensclounge.html
  15. ECRYPT Network of Excellence in Cryptology, The eSTREAM Project, http://www.ecrypt.eu.org/stream/, http://www.ecrypt.eu.org/stream/call/
  16. S. Faust, L. Reyzin, E. Tromer, Protecting Circuits from Computationally-Bounded Leakage. Cryptology ePrint Archive, Report 2009/379
  17. R. Gennaro, A. Lysyanskaya, T. Malkin, S. Micali, T. Rabin, Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering. Proceedings of TCC 2004, Cambridge, MA, USA. Lecture Notes in Computer Science, vol. 2951 (Springer, Berlin, Feb 2004), pp. 258–277
  18. O. Goldreich, S. Goldwasser, S. Micali, How to Construct Random Functions. J. ACM 33(4), 792–807 (1986)
  19. L. Goubin, J. Patarin, DES and Differential Power Analysis. Proceedings of CHES 1999, Worcester, MA, USA. Lecture Notes in Computer Science, vol. 1717 (Springer, Berlin, Aug 1999), pp. 158–172
  20. J.A. Halderman, S.D. Schoen, N. Heninger, W. Clarkson, J.A. Calandrino, A.J. Feldman, J. Appelbaum, E.W. Felten, Lest We Remember: Cold Boot Attacks on Encryption Keys. Proceedings of the USENIX Security Symposium 2008, San Jose, CA, USA, Aug 2008, pp. 45–60
  21. C. Hsiao, C. Lu, L. Reyzin, Conditional Computational Entropy, or Toward Separating Pseudoentropy from Compressibility. Proceedings of EUROCRYPT 2007, Barcelona, Spain. Lecture Notes in Computer Science, vol. 4515 (Springer, Berlin, May 2007), pp. 169–186
  22. Y. Ishai, A. Sahai, D. Wagner, Private Circuits: Securing Hardware against Probing Attacks. Proceedings of CRYPTO 2003, Santa Barbara, CA, USA. Lecture Notes in Computer Science, vol. 2729 (Springer, Berlin, Aug 2003), pp. 463–481
  23. P. Junod, S. Vaudenay, FOX: A New Family of Block Ciphers. Proceedings of SAC 2004, Waterloo, Canada. Lecture Notes in Computer Science, vol. 3357 (Springer, Heidelberg, Aug 2004), pp. 114–129
  24. J. Katz, Universally Composable Multi-Party Computation Using Tamper-Proof Hardware. Proceedings of EUROCRYPT 2007, Barcelona, Spain. Lecture Notes in Computer Science, vol. 4515 (Springer, Berlin, Heidelberg, May 2007), pp. 115–128
  25. L.R. Knudsen, Practically Secure Feistel Ciphers. Proceedings of FSE 1993, Cambridge, UK. Lecture Notes in Computer Science, vol. 809 (Springer, Berlin, Heidelberg, Dec 1993), pp. 211–221
  26. P. Kocher, J. Jaffe, B. Jun, Differential Power Analysis. Proceedings of CRYPTO 1999, Santa Barbara, CA, USA. Lecture Notes in Computer Science, vol. 1666 (Springer, Berlin, Heidelberg, New York, Aug 1999), pp. 398–412
  27. P. Kocher, Leak Resistant Cryptographic Indexed Key Update. U.S. Patent 6539092, 2003
  28. P. Kocher, Design and Validation Strategies for Obtaining Assurance in Countermeasures to Power Analysis and Related Attacks. Proceedings of the NIST Physical Security Workshop, Honolulu, HI, USA, Sept 2005
  29. B. Köpf, D. Basin, An Information Theoretic Model for Adaptive Side-Channel Attacks. Proceedings of the ACM Conference on Computer and Communications Security 2007, Alexandria, VA, USA, Oct 2007, pp. 286–296
  30. M. Luby, C. Rackoff, How to Construct Pseudorandom Permutations from Pseudorandom Functions. SIAM J. Comput. 17(2), 373–386 (1988)
  31. S. Micali, L. Reyzin, Physically Observable Cryptography. Proceedings of TCC 2004, Cambridge, MA, USA. Lecture Notes in Computer Science, vol. 2951 (Springer, Heidelberg, Feb 2004), pp. 278–296
  32. T.S. Messerges, Using Second-Order Power Analysis to Attack DPA Resistant Software. Proceedings of CHES 2000, Worcester, MA, USA. Lecture Notes in Computer Science, vol. 2523 (Springer, Berlin, Heidelberg, New York, Aug 2000), pp. 238–251
  33. C. Petit, F.-X. Standaert, O. Pereira, T.G. Malkin, M. Yung, A Block Cipher Based PRNG Secure Against Side-Channel Key Recovery. Proceedings of ASIACCS 2008, Tokyo, Japan, Mar 2008, pp. 56–65
  34. K. Pietrzak, A Leakage-Resilient Mode of Operation. Proceedings of EUROCRYPT 2009, Cologne, Germany. Lecture Notes in Computer Science, vol. 5479 (Springer, Berlin, Heidelberg, Apr 2009), pp. 462–482
  35. K. Pietrzak, Provable Security for Physical Cryptography (invited talk). Proceedings of WEWORC 2009, Graz, Austria, July 2009
  36. M. Renauld, F.-X. Standaert, Algebraic Side-Channel Attacks. Cryptology ePrint Archive, Report 2009/279
  37. M. Renauld, F.-X. Standaert, N. Veyrat-Charvillon, Algebraic Side-Channel Attacks on the AES: Why Time Also Matters in DPA. Proceedings of CHES 2009, Lausanne, Switzerland. Lecture Notes in Computer Science, vol. 5746 (Springer, Berlin, Sept 2009), pp. 97–111
  38. RCIS (Research Center for Information Security), SASEBO (Side-Channel Attack Standard Evaluation Boards), http://www.rcis.aist.go.jp/special/SASEBO/
  39. W. Schindler, K. Lemke, C. Paar, A Stochastic Model for Differential Side-Channel Cryptanalysis. Proceedings of CHES 2005, Edinburgh, Scotland. Lecture Notes in Computer Science, vol. 3659 (Springer, Berlin, Sept 2005), pp. 30–46
  40. K. Schramm, T.J. Wollinger, C. Paar, A New Class of Collision Attacks and Its Application to DES. Proceedings of FSE 2003, Lund, Sweden. Lecture Notes in Computer Science, vol. 2887 (Springer, Heidelberg, Feb 2003), pp. 206–222
  41. N. Smart, D. Page, E. Oswald, Randomised Representations. IET Inf. Secur. 2(2), 19–27 (June 2008)
  42. F.-X. Standaert, T.G. Malkin, M. Yung, A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks. Proceedings of EUROCRYPT 2009, Cologne, Germany. Lecture Notes in Computer Science, vol. 5479 (Springer, Berlin, Heidelberg, Apr 2009), pp. 443–461. Extended version available on the Cryptology ePrint Archive, Report 2006/139, http://eprint.iacr.org/2006/139
  43. F.-X. Standaert, E. Peeters, C. Archambeau, J.-J. Quisquater, Towards Security Limits in Side-Channel Attacks. Proceedings of CHES 2006, Yokohama, Japan, Oct 2006. Lecture Notes in Computer Science, vol. 4249 (Springer, Heidelberg, 2006), pp. 30–45. Latest version available on the Cryptology ePrint Archive, Report 2007/222, http://eprint.iacr.org/2007/222
  44. F.-X. Standaert, C. Archambeau, Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages. Proceedings of CHES 2008, Washington, DC, USA. Lecture Notes in Computer Science, vol. 5154 (Springer, Berlin, Heidelberg, Aug 2008), pp. 411–425
  45. F.-X. Standaert, B. Gierlichs, I. Verbauwhede, Partition vs. Comparison Side-Channel Distinguishers: An Empirical Evaluation of Statistical Tests for Univariate Side-Channel Attacks. Proceedings of ICISC 2008, Seoul, Korea. Lecture Notes in Computer Science, vol. 5461 (Springer, Berlin, Dec 2008), pp. 253–267
  46. F.-X. Standaert, P. Bulens, G. de Meulenaer, N. Veyrat-Charvillon, Improving the Rules of the DPA Contest. Cryptology ePrint Archive, Report 2006/139, http://eprint.iacr.org/2006/139
  47. K. Tiri, M. Akmal, I. Verbauwhede, A Dynamic and Differential CMOS Logic with Signal Independent Power Consumption to Withstand Differential Power Analysis on Smart Cards. ESSCIRC 2003, Estoril, Portugal, September 2003
  48. S. Vaudenay, Decorrelation: A Theory for Block Cipher Security. J. Cryptol. 16(4), 249–286 (2003)
  49. A.C. Yao, Theory and Applications of Trapdoor Functions (Extended Abstract). Proceedings of FOCS 1982, Chicago, IL, USA, Nov 1982, pp. 80–91

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • François-Xavier Standaert (1)
  • Olivier Pereira (1)
  • Yu Yu (1)
  • Jean-Jacques Quisquater (1)
  • Moti Yung (2, 3)
  • Elisabeth Oswald (4)
  1. Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium
  2. Department of Computer Science, Columbia University, New York, USA
  3. Google Inc, Mountain View, USA
  4. Department of Computer Science, University of Bristol, Bristol, UK