Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us Track your research
Search
Cart
Book cover

International Workshop on Cryptographic Hardware and Embedded Systems

CHES 2006: Cryptographic Hardware and Embedded Systems - CHES 2006 pp 76–90Cite as

  1. Home
  2. Cryptographic Hardware and Embedded Systems - CHES 2006
  3. Conference paper
Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations

Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations

  • Stefan Mangard18 &
  • Kai Schramm19 
  • Conference paper

  • 3339 Accesses

  • 58 Citations

Part of the Lecture Notes in Computer Science book series (LNSC,volume 4249)

Abstract

This article starts with a discussion of three different attacks on masked AES hardware implementations. This discussion leads to the conclusion that glitches in masked circuits pose the biggest threat to masked hardware implementations in practice. Motivated by this fact, we pinpointed which parts of masked AES S-boxes cause the glitches that lead to side-channel leakage. The analysis reveals that these glitches are caused by the switching characteristics of XOR gates in masked multipliers. Masked multipliers are basic building blocks of most recent proposals for masked AES S-boxes. We subsequently show that the side-channel leakage of the masked multipliers can be prevented by fulfilling timing constraints for 3 \(\textperiodcentered\) n XOR gates in each GF(2n) multiplier of an AES S-box. We also briefly present two approaches on how these timing constraints can be fulfilled in practice.

Keywords

  • AES
  • DPA
  • Glitches
  • Zero-Offset DPA
  • Zero-Input DPA
  • Masking
  • Delay Chains

The work described in this paper has been supported in part by the European Commission through the IST Programme under Contract IST-2002-507932 ECRYPT.

Chapter PDF

Download to read the full chapter text

References

  1. Akkar, M.-L., Bevan, R., Goubin, L.: Two Power Analysis Attacks against One-Mask Methods. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 332–347. Springer, Heidelberg (2004)

    CrossRef  Google Scholar 

  2. Akkar, M.-L., Giraud, C.: An Implementation of DES and AES, Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  3. Blömer, J., Guajardo, J., Krummel, V.: Provably Secure Masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004)

    CrossRef  Google Scholar 

  4. Fischer, W., Gammel, B.M.: Masking at Gate Level in the Presence of Glitches. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 187–200. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  5. Golić, J.D., Tymen, C.: Multiplicative Masking and Power Analysis of AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 198–212. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  6. Joye, M., Paillier, P., Schoenmakers, B.: On Second-Order Differential Power Analysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 293–308. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  7. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  8. Mangard, S., Popp, T., Gammel, B.M.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  9. Mangard, S., Pramstaller, N., Oswald, E.: Successfully Attacking Masked AES Hardware Implementations. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 157–171. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  10. Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)

    CrossRef  Google Scholar 

  11. Morioka, S., Akishita, T.: A DPA-resistant Compact AES S-Box Circuit using Additive Mask. In: Computer Security Composium (CSS) Proceedings, October 16, 2004, September 2004, pp. 679–684 (2004) (in Japanese only)

    Google Scholar 

  12. Morioka, S., Satoh, A.: An Optimized S-Box Circuit Architecture for Low Power AES Design. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 172–186. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  13. National Institute of Standards and Technology (NIST). FIPS-197: Advanced Encryption Standard (November 2001), Available online at: http://www.itl.nist.gov/fipspubs/

  14. Oswald, E., Mangard, S., Herbst, C., Tillich, S.: Practical Second-Order DPA Attacks for Masked Smart Card Implementations of Block Ciphers. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 192–207. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  15. Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A Side-Channel Analysis Resistant Description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  16. Popp, T., Mangard, S.: Masked Dual-Rail Pre-Charge Logic: DPA-Resistance without Routing Constraints. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 172–186. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  17. Satoh, A., Morioka, S., Takano, K., Munetoh, S.: A Compact Rijndael Hardware Architecture with S-Box Optimization. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 239–254. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  18. Schramm, K., Paar, C.: Higher Order Masking of the AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 208–225. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  19. Suzuki, D., Saeki, M., Ichikawa, T.: Random Switching Logic: A Countermeasure against DPA based on Transition Probability. Cryptology ePrint Archive Report 2004/346 (2004), http://eprint.iacr.org/

  20. Suzuki, D., Saeki, M., Ichikawa, T.: DPA Leakage Models for CMOS Logic Circuits. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 366–382. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  21. Trichina, E., Korkishko, T., Lee, K.-H.: Small Size, Low Power, Side Channel-Immune AES Coprocessor: Design and Synthesis Results. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 113–127. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  22. Trichina, E., Seta, D.D., Germani, L.: Simplified Adaptive Multiplicative Masking for AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 187–197. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  23. Waddle, J., Wagner, D.: Towards Efficient Second-Order Power Analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Applied Information Processing and Communciations (IAIK), Graz University of Technology, Inffeldgasse 16a, 8010, Graz, Austria

    Stefan Mangard

  2. Horst Görtz Institute for IT Security (HGI), Ruhr University Bochum, Universitätsstr. 150, 44780, Bochum, Germany

    Kai Schramm

Authors
  1. Stefan Mangard
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kai Schramm
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Versailles Saint-Quentin-en-Yvelines University, 45 Avenue des Etats-Unis, 78035, Versailles Cedex, France

    Louis Goubin

  2. Information Technology R&D Center, Mitsubishi Electric Corporation, 5-1-1 Ofuna Kamakura Kanagawa, Japan

    Mitsuru Matsui

Rights and permissions

Reprints and Permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mangard, S., Schramm, K. (2006). Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations. In: Goubin, L., Matsui, M. (eds) Cryptographic Hardware and Embedded Systems - CHES 2006. CHES 2006. Lecture Notes in Computer Science, vol 4249. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11894063_7

Download citation

  • .RIS
  • .ENW
  • .BIB

  • DOI: https://doi.org/10.1007/11894063_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-46559-1

  • Online ISBN: 978-3-540-46561-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Publish with us

Policies and ethics

search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Cancel contracts here

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature