Abstract
A general method to secure cryptographic algorithms against side-channel attacks is the use of randomization techniques and, in particular, masking. Roughly speaking, one masks the input to a cryptographic algorithm with random values unknown to the adversary. As a result, the intermediate results computed by the algorithm are uncorrelated with the input, and the adversary cannot obtain any useful information from the side channel. Unfortunately, previous AES randomization techniques have based their security on heuristics and experiments. Consequently, flaws have been found that leave randomized AES implementations vulnerable to side-channel cryptanalysis. In this paper, we provide a formal notion of security for randomized maskings of arbitrary cryptographic algorithms. Furthermore, we present an AES randomization technique that is provably secure against side-channel attacks if the adversary is able to access a single intermediate result. Our randomized masking technique is quite general and can be applied to arbitrary algorithms that use only arithmetic operations over some finite field. To our knowledge, this is the first time that a randomization technique for the AES has been proven secure in a formal model.
Keywords
- Intermediate Result
- Advanced Encryption Standard
- Cryptographic Algorithm
- Security Notion
- Fast Software Encryption
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blömer, J., Guajardo, J., Krummel, V. (2004). Provably Secure Masking of AES. In: Handschuh, H., Hasan, M.A. (eds) Selected Areas in Cryptography. SAC 2004. Lecture Notes in Computer Science, vol 3357. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30564-4_5
DOI: https://doi.org/10.1007/978-3-540-30564-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24327-4
Online ISBN: 978-3-540-30564-4
eBook Packages: Computer Science (R0)