An Evaluation of Hash Functions on a Power Analysis Resistant Processor Architecture

  • Simon Hoerder
  • Marcin Wójcik
  • Stefan Tillich
  • Daniel Page
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6633)

Abstract

Cryptographic hash functions are an omnipresent component in security-critical software and devices; they support digital signature and data authenticity schemes, mechanisms for key derivation, pseudo-random number generation, and so on. One criterion for candidate hash functions in the SHA-3 contest is resistance against side-channel analysis, which is a major concern especially for mobile devices. This paper explores the implementation of these candidates on a variant of the Power-Trust platform; our results highlight a flexible solution to power analysis attacks that implies only a modest performance overhead.


Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Simon Hoerder, Marcin Wójcik, Stefan Tillich, Daniel Page: Department of Computer Science, University of Bristol, UK
