Novel Leakage Against Realistic Masking and Shuffling Countermeasures
It is often considered reasonable to combine first-order Boolean masking and shuffling countermeasures. However, shuffling countermeasures can sometimes be applied only to some rounds to improve performance. Herein, we define combinations of partial shuffling and masking countermeasures as restricted shuffling and masking countermeasures.
Moreover, we propose a novel leakage on restricted shuffling and masking countermeasures that have low attack complexity and a small correlation-reduction factor. Our novel leakage ignores the confusion layer to prevent shuffling from increasing the attack complexity. To reduce the complexity, we can confirm a partial correlation between the diffusion and confusion layer outputs. We identify that our proposal, which exploits this fact offers an overwhelming advantage compared with existing attacks when applied to the PRINCE and SEED block ciphers. Furthermore, we demonstrate the effectiveness of our proposed scheme using both simulated and realistic traces. In simulations, the number of traces required was reduced by up to 95%. When attacking a realistic device, a few traces were enough to recover the correct key, although existing attacks failed to reveal the correct key.
KeywordsShuffling Masking Second-order correlation power analysis PRINCE SEED
This work was supported by the Institute for Information and Communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. 20170005200011001, Development of SCR-Friendly Symmetric Key Cryptosystem and Its Application Modes).
- 8.Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007). https://doi.org/10.1007/978-0-387-38162-6
- 13.Information Technology \(-\) Security Techniques \(-\) Encryption Algorithms \(-\) Part 3: Block Ciphers, ISO/IEC 18033–3:2005 (2005)Google Scholar