Abstract
Keccak is a new hash function selected by NIST as the next SHA-3 standard. Keccak supports the generation of Message Authentication Codes (MACs) by hashing the direct concatenation of a variable-length key and the input message. As a result, changing the key-length directly changes the set of internal operations that need to be targeted with Differential Power Analysis. The proper selection of these target operations becomes a new challenge for MAC-Keccak, in particular when some key bytes are hidden under a hierarchical dependency structure. In this paper, we propose a complete Differential Power Analysis of MAC-Keccak under any key-length using a systematic approach to identify the required target operations. The attack is validated by successfully breaking several, practically difficult, case studies of MAC-Keccak, implemented with the reference software code on a 32-bit Microblaze processor.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Keccak reference code submission to NIST (round 3), http://csrc.nist.gov/groups/ST/hash/sha-3/Round3/documents/Keccak_FinalRnd.zip
Xilinx microblaze soft processor core, http://www.xilinx.com/tools/microblaze.htm
RSA cryptography standard PKCS# 1 v2.2. RSA Laboratories, p. 63 (2012)
Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Cryptographic sponge functions 0.1 (2011), http://sponge.noekeon.org/CSF-0.1.pdf
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The keccak reference. Submission to NIST (Round 3) 3.0 (2011), http://keccak.noekeon.org/Keccak-reference-3.0.pdf
Bertoni, G., Daemen, J., Debande, N., Le, T.H., Peeters, M., Assche, G.V.: Power Analysis of Hardware Implementations Protected with Secret Sharing (2013), published: Cryptology ePrint Archive, Report 2013/067, http://eprint.iacr.org/
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The keccak SHA-3 submission. Submission to NIST (Round 3) (2011)
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)
Daemen, J., Bertoni, G., Peeters, M., Van Assche, G., Van Keer, R.: Keccak implementation overview. Technical report, NIST (2012)
Daemen, J., Rijmen, V.: The Design of Rijndael. Springer-Verlag New York, Inc., Secaucus (2002)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–789. Springer, Heidelberg (1999)
McEvoy, R., Tunstall, M., Murphy, C.C., Marnane, W.P.: Differential power analysis of HMAC based on SHA-2, and countermeasures. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 317–332. Springer, Heidelberg (2008)
Taha, M., Schaumont, P.: Side-channel analysis of MAC-Keccak. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST) (June 2013)
Zohner, M., Kasper, M., Stöttinger, M., Huss, S.: Side channel analysis of the SHA-3 finalists. In: Design, Automation Test in Europe Conference Exhibition (DATE), pp. 1012–1017 (March 2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Taha, M., Schaumont, P. (2013). Differential Power Analysis of MAC-Keccak at Any Key-Length. In: Sakiyama, K., Terada, M. (eds) Advances in Information and Computer Security. IWSEC 2013. Lecture Notes in Computer Science, vol 8231. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41383-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-41383-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41382-7
Online ISBN: 978-3-642-41383-4
eBook Packages: Computer ScienceComputer Science (R0)