Abstract
Collision attacks are often employed against cryptographic algorithms such as AES and DES. Masking, the usual countermeasure, resists such attacks to some extent. At CHES 2011, Clavier et al. proposed a collision-correlation attack against masking based on the Pearson correlation coefficient. In this paper, we propose a collision distinguisher against masking based on least absolute deviation. We then suggest three further distinguishers based on the least squares method, the least exponent method, and the central moment product, respectively. Our experiments and simulations show that, in practice, the distinguishers based on least absolute deviation and least squares perform much better than the collision-correlation attack and the other distinguishers proposed in this paper. We also give four application examples, which show that even if the masks are not reused, the new distinguishers remain competent for collision attacks.
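To make concrete why a first-order masked S-box can still leak collisions, and how a least-absolute-deviation statistic compares with the Pearson-correlation statistic of the CHES 2011 attack, here is an added simulation. It is not code from the paper or from any of its authors: it assumes a Hamming-weight leakage model with Gaussian noise, uses a 4-bit S-box (PRESENT's) as a stand-in for the AES S-box, and assumes that the statistics are the mean absolute difference and the mean squared difference of the two leakage vectors; the paper's exact statistics and the "least exponent" generalisation are assumptions here. The three scenarios simulated are a colliding pair with the output mask shared by both S-box instances, a non-colliding pair with a shared mask, and a colliding pair with independent masks, which is the case an evaluator would want to see separately.

```python
import random
from typing import List, Sequence, Tuple

# Toy 4-bit S-box (PRESENT's) standing in for the AES S-box. The collision
# statistics below do not depend on which bijection is used.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hamming_weight(v: int) -> int:
    return bin(v).count("1")


def simulate_pair(n_exec: int, collide: bool, reuse_mask: bool,
                  sigma: float, rng: random.Random) -> Tuple[List[float], List[float]]:
    """Constructed leakage of two masked S-box computations over n_exec executions.

    collide:    the two unmasked S-box inputs are equal in every execution.
    reuse_mask: both S-box instances use the same (fresh per execution) output
                mask, the first-order setting targeted by collision-correlation.
    Leakage model (assumed): Hamming weight of the masked output plus N(0, sigma).
    """
    l_a, l_b = [], []
    for _ in range(n_exec):
        x_a = rng.randrange(16)
        x_b = x_a if collide else rng.randrange(16)
        m_a = rng.randrange(16)
        m_b = m_a if reuse_mask else rng.randrange(16)
        v_a = SBOX[x_a] ^ m_a          # masked S-box output of instance A
        v_b = SBOX[x_b] ^ m_b          # masked S-box output of instance B
        l_a.append(hamming_weight(v_a) + rng.gauss(0.0, sigma))
        l_b.append(hamming_weight(v_b) + rng.gauss(0.0, sigma))
    return l_a, l_b


def deviation(l_a: Sequence[float], l_b: Sequence[float], p: float = 1.0) -> float:
    """Mean |l_a - l_b|^p. p=1 is the least-absolute-deviation statistic, p=2 the
    least-squares statistic; other p is assumed here to be the 'least exponent'
    variant. A colliding pair gives a small value because the masked values are
    identical in every execution, so only the noise remains."""
    return sum(abs(a - b) ** p for a, b in zip(l_a, l_b)) / len(l_a)


def pearson(l_a: Sequence[float], l_b: Sequence[float]) -> float:
    """Pearson correlation across executions (the CHES 2011 statistic)."""
    mean_a = sum(l_a) / len(l_a)
    mean_b = sum(l_b) / len(l_b)
    cov = sum((a - mean_a) * (b - mean_b) for a, b in zip(l_a, l_b))
    var_a = sum((a - mean_a) ** 2 for a in l_a)
    var_b = sum((b - mean_b) ** 2 for b in l_b)
    return cov / (var_a * var_b) ** 0.5


SCENARIOS = [
    ("collision, shared mask", True, True),
    ("no collision, shared mask", False, True),
    ("collision, independent masks", True, False),
]


def run_experiment(n_exec: int = 2000, sigma: float = 1.0, seed: int = 1) -> dict:
    """Compute all three statistics for each scenario; returns {name: {stat: value}}."""
    rng = random.Random(seed)
    results = {}
    for name, collide, reuse in SCENARIOS:
        l_a, l_b = simulate_pair(n_exec, collide, reuse, sigma, rng)
        results[name] = {
            "lad": deviation(l_a, l_b, 1.0),
            "lsm": deviation(l_a, l_b, 2.0),
            "pearson": pearson(l_a, l_b),
        }
    return results


if __name__ == "__main__":
    for name, stats in run_experiment().items():
        print(f"{name:30s} LAD={stats['lad']:.3f} LSM={stats['lsm']:.3f} "
              f"Pearson={stats['pearson']:+.3f}")
```

With a shared mask, the colliding pair is separated from the non-colliding pair by every statistic (for sigma = 1 the expected LAD is about 1.13 against about 1.60, and the expected correlation is 0.5 against 0). With independent masks the two masked values are independent even when the unmasked inputs collide, so this plain statistic no longer separates the cases; that is the defensive takeaway, and the paper's application examples for the non-reused-mask setting are not reproduced by this simulation.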
Summary
Contributions
This paper first presents a collision distinguisher based on the least absolute deviation method and proves its correctness. It then discusses three other effective models, based on the least squares method, the least n-th power method, and the central moment product. Experiments show that the models based on least absolute deviation and least squares outperform the other two models and the collision-correlation attack of Clavier et al. Finally, four application examples of the new method are given and its generality is discussed.
References
Ferguson N, Schneier B, Kohno T. Cryptography Engineering: Design Principles and Practical Applications. Hoboken: Wiley, 2010
Menezes A J, van Oorschot P C, Vanstone S A. Handbook of Applied Cryptography. CRC Press, 1997
Kocher P, Jaffe J, Jun B. Differential power analysis. In: Proceedings of 19th International Conference on Cryptology, Santa Barbara, 1999. 388–397
Schramm K, Wollinger T, Paar C. A new class of collision attacks and its application to DES. In: Proceedings of 10th International Workshop on Fast Software Encryption, Lund, 2003. 206–222
Schramm K, Leander G, Felke P, et al. A collision-attack on AES combining side channel- and differential-attack. In: Proceedings of 6th Workshop on Cryptographic Hardware and Embedded Systems, Cambridge, 2004. 163–175
Bogdanov A. Improved side-channel collision attacks on AES. In: Proceedings of 14th International Workshop on Selected Areas in Cryptography, Ottawa, 2007. 84–95
Bogdanov A. Multiple-differential side-channel collision attacks on AES. In: Proceedings of 10th Workshop on Cryptographic Hardware and Embedded Systems, Washington, 2008. 30–44
Sveshnikov A A, Silverman R A. Problems in Probability Theory, Mathematical Statistics and Theory of Random Functions. New York: Dover Publications, 1979
Chari S, Jutla C, Rao J, et al. Towards sound approaches to counteract power-analysis attacks. In: Proceedings of 19th International Conference on Cryptology, Santa Barbara, 1999. 398–412
Goubin L, Patarin J. DES and differential power analysis-the duplication method. In: Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, Washington, 1999. 158–172
Messerges T S. Securing the AES finalist against power analysis attacks. In: Proceedings of 7th International Workshop on Fast Software Encryption, New York, 2000. 150–164
Moradi A, Mischke O, Eisenbarth T. Correlation-enhanced power analysis collision attack. In: Proceedings of 12th Workshop on Cryptographic Hardware and Embedded Systems, Santa Barbara, 2010. 125–139
Clavier C, Feix B, Gagnerot G, et al. Improved collision-correlation power analysis on first order protected AES. In: Proceedings of 13th Workshop on Cryptographic Hardware and Embedded Systems, Nara, 2011. 49–62
Herbst C, Oswald E, Mangard S. An AES smart card implementation resistant to power analysis attacks. In: Proceedings of 4th International Conference on Applied Cryptography and Network Security, Singapore, 2006. 239–252
Oswald E, Mangard S, Herbst C, et al. Practical second-order DPA attacks for masked smart card implementations of block ciphers. In: Proceedings of the Cryptographers’ Track at the RSA Conference, San Jose, 2006. 192–207
Akkar M L, Bevan R, Dischamp P, et al. Power analysis, what is now possible… In: Proceedings of 6th International Conference on the Theory and Application of Cryptology and Information Security, Kyoto, 2000. 489–502
Standaert F X, Veyrat-Charvillon N, Oswald E, et al. The world is not enough: another look on second-order DPA. In: Proceedings of 16th Annual International Conference on the Theory and Application of Cryptology and Information Security, Singapore, 2010. 112–129
Rivain M, Prouff E. Provably secure higher-order masking of AES. In: Proceedings of 12th Workshop on Cryptographic Hardware and Embedded Systems, Santa Barbara, 2010. 413–427
Chari S, Rao J R, Rohatgi P. Template attacks. In: Proceedings of 4th Workshop on Cryptographic Hardware and Embedded Systems, Redwood Shores, 2002. 13–28
Wang, A., Wang, Z., Zheng, X. et al. Efficient collision attacks on smart card implementations of masked AES. Sci. China Inf. Sci. 58, 1–15 (2015). https://doi.org/10.1007/s11432-014-5214-5