Side Channel Cryptanalysis of a Higher Order Masking Scheme

  • Jean-Sébastien Coron
  • Emmanuel Prouff
  • Matthieu Rivain
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4727)

Abstract

In the recent years, DPA attacks have been widely investigated. In particular, 2-nd order DPA have been improved and successfully applied to break many masked implementations. In this context a higher order masking scheme has been proposed by Schramm and Paar at CT-RSA 2006. The authors claimed that the scheme is resistant against d-th order DPA for any arbitrary chosen order d. In this paper, we prove that this assertion is false and we exhibit several 3-rd order DPA attacks that can defeat Schramm and Paar’s countermeasure for any value of d.

Keywords

Side Channel Attacks Differential Power Analysis Higher Order DPA Masking Scheme Template Attacks 

References

  1. 1.
    Agrawal, D., Rao, J.R., Rohatgi, P., Schramm, K.: Templates as master keys. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 15–29. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Akkar, M.-L., Giraud, C.: An Implementation of DES and AES, Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)MATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Brier, E., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)Google Scholar
  5. 5.
    Chari, S., Jutla, C., Rao, J., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)Google Scholar
  6. 6.
    Chari, S., Rao, J., Rohatgi, P.: Template Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–29. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    FIPS PUB 197. Advanced Encryption Standard. National Institute of Standards and Technology (2001)Google Scholar
  8. 8.
    Fisher, R.A.: On the mathematical foundations of theoretical statistics. Philosophical Transactions of the Royal Society (1922)Google Scholar
  9. 9.
    Goubin, L., Patarin, J.: DES and Differential Power Analysis – The Duplication Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  10. 10.
    Joye, M., Paillier, P., Schoenmakers, B.: On Second-Order Differential Power Analysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 293–308. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  12. 12.
    Messerges, T.: Securing the AES Finalists Against Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Messerges, T.: Using Second-Order Power Analysis to Attack DPA Resistant software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Nyberg, K.: Differentially uniform mappings for cryptography. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 55–64. Springer, Heidelberg (1994)Google Scholar
  15. 15.
    Oswald, E., Mangard, S.: Template attacks on masking–resistance is futile. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 562–567. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Oswald, E., Mangard, S., Herbst, C., Tillich, S.: Practical Second-Order DPA Attacks for Masked Smart Card Implementations of Block Ciphers. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Peeters, E., Standaert, F.-X., Donckers, N., Quisquater, J.-J.: Improving Higher-Order Side-Channel Attacks with FPGA Expermiments. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 309–321. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Schramm, K., Paar, C.: Higher Order Masking of the AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 208–225. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  20. 20.
    Standaert, F.-X., Peeters, E., Quisquater, J.-J.: On the masking countermeasure and higher-order power analysis attacks. In: ITCC ’05: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC 2005), vol. I, pp. 562–567. IEEE Computer Society Press, Los Alamitos (2005)CrossRefGoogle Scholar
  21. 21.
    Trichina, E., DeSeta, D., Germani, L.: Simplified Adaptive Multiplicative Masking for AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 187–197. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Waddle, J., Wagner, D.: Toward Efficient Second-order Power Analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Jean-Sébastien Coron
    • 1
  • Emmanuel Prouff
    • 2
  • Matthieu Rivain
    • 1
    • 2
  1. 1.University of Luxembourg, Faculty of Sciences, Technology and Communication, 6, rue Richard Coudenhove-Kalergi, L-1359Luxembourg
  2. 2.Oberthur Card Systems, 71-73 rue des Hautes Pâtures, 92726 Nanterre CedexFrance

Personalised recommendations