Abstract
Building on the work of Kocher [Koc96], we introduce the notion of side-channel cryptanalysis: cryptanalysis using implementation data. We discuss the notion of side-channel attacks and the vulnerabilities they introduce, demonstrate side-channel attacks against three product ciphers—timing attack against IDEA, processor-flag attack against RC5, and Hamming weight attack against DES—and then generalize our research to other cryptosystems.
References
C. Adams, “Constructing Symmetric Ciphers Using the CAST Design Procedure,” Designs, Codes and Cryptography, v. 12, n. 3, Nov 1997, pp. 71–104.
R. Anderson, “On Fibonacci Keystream Generators,” Fast Software Encryption, 2nd International Workshop Proceedings, Springer-Verlag, 1995, pp. 346–352.
S. Bellovin, “Problem Areas for the IP Security Protocols,” Proceedings of the Sixth Usenix Unix Security Symposium, Jul 1996, pp. 1–16.
ANSI X3.92, “American National Standard for Data Encryption Algorithm (DEA),” American National Standards Institute, 1981.
E. Biham and A. Shamir, “Differential Cryptanalysis of DES-like Cryptosystems,” Journal of Cryptology, v. 4, n. 1, 1991, pp. 3–72.
E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.
E. Biham, “New Types of Cryptanalytic Attacks Using Related Keys,” Journal of Cryptology, v. 7, n. 4, 1994, pp. 229–246.
E. Biham and A. Shamir, “Differential Fault Analysis of Secret Key Cryptosystems,” Advances in Cryptology—CRYPTO ’97 Proceedings, Springer-Verlag, 1997, pp. 513–525.
L. Blum, M. Blum, and M. Shub, “A Simple Unpredictable Pseudo-Random Number Generator,” SIAM Journal of Computing, v. 15, n. 2, 1986, pp. 364–383.
D. Boneh, R.A. DeMillo, and R.J. Lipton, “On the Importance of Checking Cryptographic Protocols for Faults,” Advances in Cryptology—EUROCRYPT ’97 Proceedings, Springer-Verlag, 1997, pp. 37–51.
W.G. Chambers and D. Gollmann, “Generators for Sequences with Near-Maximal Linear Equivalence,” IEE Proceedings, v. 135, pt. E, n. 1, Jan 1988, pp. 331–343.
D. Coppersmith, H. Krawczyk, and Y. Mansour, “The Shrinking Generator,” Advances in Cryptology—CRYPTO ’93 Proceedings, Springer-Verlag, 1994, pp. 22–39.
C. Hall, I. Goldberg, and B. Schneier, “Reaction Attacks Against Several Public-Key Cryptosystems,” 1998, in preparation.
D. Kahn, The Codebreakers, The Macmillan Company, 1967.
J. Kelsey, B. Schneier, and D. Wagner, “Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES,” Advances in Cryptology—CRYPTO ’96 Proceedings, Springer-Verlag, 1996, pp. 237–251.
J. Kelsey, B. Schneier, and D. Wagner, “Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA,” Information and Communications Security, First International Conference Proceedings, Springer-Verlag, 1997, pp. 203–207.
P. Kocher, “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems,” Advances in Cryptology—CRYPTO ’96 Proceedings, Springer-Verlag, 1996, pp. 104–113.
P. Kocher, personal communication, 1998.
X. Lai and J.L. Massey, “A Proposal for a New Block Encryption Standard,” Advances in Cryptology—EUROCRYPT ’90 Proceedings, Springer-Verlag, pp. 389–404.
X. Lai, J.L. Massey, and S. Murphy, “Markov Ciphers and Differential Cryptanalysis,” Advances in Cryptology—EUROCRYPT ’91 Proceedings, Springer-Verlag, pp. 17–38.
M. Matsui, “Linear Cryptanalysis Method for DES Cipher,” Advances in Cryptology—EUROCRYPT ’93 Proceedings, Springer-Verlag, 1994, pp. 386–397.
W. Meier and O. Staffelbach, “The Self-Shrinking Generator,” Communications and Cryptography: Two Sides of One Tapestry, R.E. Blahut et al., eds., Kluwer Academic Publishers, 1994, pp. 287–295.
R. Merkle, “A Fast Software Encryption Function,” Advances in Cryptology—CRYPTO ’90 Proceedings, Springer-Verlag, 1991, pp. 476–501.
B. Schneier, “Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish),” Fast Software Encryption, Cambridge Security Workshop Proceedings, Springer-Verlag, 1994, pp. 191–204.
B. Schneier, Applied Cryptography, 2nd Edition, John Wiley & Sons, 1996.
W. van Eck, “Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk,” Computers & Security, v. 4, 1985, pp. 269–286.
P. Wright, Spycatcher, Viking Penguin Inc., 1987.
S.B. Xu, D.K. He, and X.M. Wang, “An Implementation of the GSM General Data Encryption Algorithm A5,” CHINACRYPT ’94, 11–15 Nov 1994, pp. 287–291.
© 1998 Springer-Verlag Berlin Heidelberg
Kelsey, J., Schneier, B., Wagner, D., Hall, C. (1998). Side channel cryptanalysis of product ciphers. In: Quisquater, JJ., Deswarte, Y., Meadows, C., Gollmann, D. (eds) Computer Security — ESORICS 98. ESORICS 1998. Lecture Notes in Computer Science, vol 1485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055858
DOI: https://doi.org/10.1007/BFb0055858
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65004-1
Online ISBN: 978-3-540-49784-4