Side-Channel Attacks on SHA-1-Based Product Authentication ICs

  • Conference paper
Smart Card Research and Advanced Applications (CARDIS 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9514)

Abstract

To prevent product counterfeiting, a common practice is to cryptographically authenticate system components (e.g., inkjet cartridges, batteries, or spare parts) using dedicated ICs. In this paper, we analyse the security of two widespread examples of such devices, the DS28E01 and DS2432 SHA-1-based authentication ICs manufactured by Maxim Integrated. We show that the 64-bit secret can be fully extracted using non-invasive side-channel analysis with 1,800 and 1,200 traces, respectively. In doing so, we present what is, to our knowledge, the first gray-box side-channel attack on real-world devices employing an HMAC-like construction. Our results highlight that even low-cost devices such as product authentication ICs evidently need protection against implementation attacks.

D. Oswald—Part of this work was carried out while the author was at the Chair for Embedded Security, Prof. Dr.-Ing. Christof Paar, Ruhr-University Bochum, Germany.

Author information

Corresponding author

Correspondence to David Oswald.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Oswald, D. (2016). Side-Channel Attacks on SHA-1-Based Product Authentication ICs. In: Homma, N., Medwed, M. (eds) Smart Card Research and Advanced Applications. CARDIS 2015. Lecture Notes in Computer Science, vol 9514. Springer, Cham. https://doi.org/10.1007/978-3-319-31271-2_1

  • DOI: https://doi.org/10.1007/978-3-319-31271-2_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31270-5

  • Online ISBN: 978-3-319-31271-2

  • eBook Packages: Computer Science, Computer Science (R0)
