research-article

Practical template-algebraic side channel attacks with extremely low data complexity

Authors:

Avishai WoolAuthors Info & Claims

HASP '13: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy

Article No.: 7, Pages 1 - 8

https://doi.org/10.1145/2487726.2487733

Published: 23 June 2013 Publication History

Abstract

Template-based Tolerant Algebraic Side Channel Attacks (Template-TASCA) were suggested in [20] as a way of reducing the high data complexity of template attacks by coupling them with algebraic side-channel attacks. In contrast to the maximum-likelihood method used in a standard template attack, the template-algebraic attack method uses a constraint solver to find the optimal state correlated to the measured side-channel leakage. In this work we present the first application of the template-algebraic key recovery attack to a publicly available data set (IAIK WS2). We show how our attack can successfully recover the encryption key even when the attacker has extremely limited access to the device under test -- only 200 traces in the offline phase and as little as a single trace in the online phase.

References

[1]

T. Achterberg. Constraint Integer Programming. PhD thesis, Technische Universität Berlin, 2007.

[2]

A. Bechtsoudis and N. Sklavos. Side channel attacks cryptanalysis against block ciphers based on fpga devices. In VLSI (ISVLSI), 2010 IEEE Computer Society Annual Symposium on, pages 460--461. IEEE, 2010.

Digital Library

[3]

T. Berthold, S. Heinz, and M. E. Pfetsch. Nonlinear pseudo-boolean optimization: Relaxation or propagation? In SAT 2009, pages 441--446, 2009.

Digital Library

[4]

T. Berthold, S. Heinz, M. E. Pfetsch, and M. Winkler. SCIP -- Solving Constraint Integer Programs. SAT 2009 competitive events booklet, 2009.

[5]

J. Biskup, D. M. Burgard, T. Weibert, and L. Wiese. Inference control in logic databases as a constraint satisfaction problem. In Information Systems Security, pages 128--142. Springer, 2007.

Digital Library

[6]

A. Bogdanov, L. R. Knudsen, G. Leander, C. Paar, A. Poschmann, M. J. B. Robshaw, Y. Seurin, and C. Vikkelsoe. PRESENT: An Ultra-Lightweight Block Cipher. In P. Paillier and I. Verbauwhede, editors, CHES, volume 4727 of LNCS, pages 450--466. Springer, 2007.

Digital Library

[7]

E. Brier, C. Clavier, and F. Olivier. Correlation power analysis with a leakage model. In M. Joye and J.-J. Quisquater, editors, CHES, volume 3156 of LNCS, pages 16--29. Springer, 2004.

[8]

S. Chari, J. R. Rao, and P. Rohatgi. Template Attacks. In B. S. K. Jr., Çetin Kaya Koç, and C. Paar, editors, CHES, volume 2523 of LNCS, pages 13--28. Springer, 2002.

Digital Library

[9]

M. A. Elaabid and S. Guilley. Practical improvements of profiled side-channel attacks on a hardware crypto-accelerator. In Progress in Cryptology--AFRICACRYPT 2010, pages 243--260. Springer, 2010.

Digital Library

[10]

A. Heuser and M. Zohner. Intelligent machine homicide. In Constructive Side-Channel Analysis and Secure Design, pages 249--264. Springer, 2012.

Digital Library

[11]

IAIK IMPA Lab. IAIK IMPA Lab Infrastructure. Online.

[12]

Information Technology Laboratory (National Institute of Standards and Technology). Announcing the Advanced Encryption Standard (AES). Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, 2001.

[13]

Y. Kim, N. Homma, T. Aoki, and H. Choi. Security evaluation of cryptographic modules against profiling attacks. In T. Kwon, M.-K. Lee, and D. Kwon, editors, ICISC, volume 7839 of LNCS, pages 383--394. Springer, 2012.

Digital Library

[14]

S. Mangard, E. Oswald, and T. Popp. Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances inInformation Security). Springer-Verlag New York, Inc., Secaucus, NJ, USA, 2007.

Digital Library

[15]

V. Manquinho and O. Roussel. Pseudo-Boolean Competition 2009. Online, July 2009.

[16]

F. Massacci and L. Marraro. Logical Cryptanalysis as a SAT Problem. J. Autom. Reason., 24(1-2):165--203, 2000.

Digital Library

[17]

M. S. E. Mohamed, S. Bulygin, M. Zohner, A. Heuser, M. Walter, and J. Buchmann. Improved algebraic side-channel attack on AES. In HOST, pages 146--151. IEEE, 2012.

[18]

National Institute of Standards and Technology. FIPS PUB 46-3: Data Encryption Standard (DES). Oct. 1999.

[19]

Y. Oren, M. Kirschbaum, T. Popp, and A. Wool. Algebraic Side-Channel Analysis in the Presence of Errors. In S. Mangard and F.-X. Standaert, editors, CHES, volume 6225 of LNCS, pages 428--442. Springer, 2010.

Digital Library

[20]

Y. Oren, M. Renauld, F.-X. Standaert, and A. Wool. Algebraic side-channel attacks beyond the hamming weight leakage model. In E. Prouff and P. Schaumont, editors, CHES, volume 7428 of LNCS, pages 140--154. Springer, 2012.

Digital Library

[21]

D. Oswald and C. Paar. Breaking mifare desfire mf3icd40: Power analysis and templates in the real world. In B. Preneel and T. Takagi, editors, CHES, volume 6917 of LNCS, pages 207--222. Springer, 2011.

Digital Library

[22]

C. Rechberger and E. Oswald. Practical template attacks. In C. H. Lim and M. Yung, editors, WISA, volume 3325 of LNCS, pages 440--456. Springer, 2004.

Digital Library

[23]

M. Renauld and F.-X. Standaert. Algebraic Side-Channel Attacks. In F. Bao, M. Yung, D. Lin, and J. Jing, editors, Inscrypt, volume 6151 of LNCS, pages 393--410. Springer, 2009.

Digital Library

[24]

M. Renauld, F.-X. Standaert, and N. Veyrat-Charvillon. Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA. In C. Clavier and K. Gaj, editors, CHES, volume 5747 of LNCS, pages 97--111. Springer, 2009.

Digital Library

[25]

W. Schindler, K. Lemke, and C. Paar. A stochastic model for differential side channel cryptanalysis. In J. R. Rao and B. Sunar, editors, CHES, volume 3659 of LNCS, pages 30--46. Springer, 2005.

Digital Library

[26]

N. Veyrat-Charvillon, B. Gérard, M. Renauld, and F.-X. Standaert. An optimal key enumeration algorithm and its application to side-channel attacks. In L. R. Knudsen and H. Wu, editors, Selected Areas in Cryptography, volume 7707 of LNCS, pages 390--406. Springer, 2012.

[27]

R. Wunderling. Paralleler und objektorientierter Simplex-Algorithmus. PhD thesis, Technische Universität Berlin, 1996.

[28]

X. Zhao, T. Wang, S. Guo, F. Zhang, Z. Shi, H. Liu, and K. Wu. SAT based Error Tolerant Algebraic Side-Channel Attacks. 2011 Conference on Cryptographic Algorithms and Cryptographic Chips (CASC2011), July 2011.

Cited By

Hayoon HOren Y(2022)Time, Memory and Accuracy Tradeoffs in Side-Channel Trace ProfilingCyber Security, Cryptology, and Machine Learning10.1007/978-3-031-07689-3_3(29-46)Online publication date: 23-Jun-2022
https://doi.org/10.1007/978-3-031-07689-3_3
Ma CChandy JMichel LLiu FCruz W(2018)Influence of Error on Hamming Weights for ASCAInformation Security and Cryptology10.1007/978-3-319-75160-3_26(447-460)Online publication date: 4-Feb-2018
https://doi.org/10.1007/978-3-319-75160-3_26
Ma CChandy J(2018)Error Tolerant ASCA on FPGACloud Computing and Security10.1007/978-3-030-00012-7_51(563-572)Online publication date: 13-Sep-2018
https://doi.org/10.1007/978-3-030-00012-7_51
Show More Cited By

Index Terms

Practical template-algebraic side channel attacks with extremely low data complexity
1. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Modern operating systems use hardware support to protect against control-flow hijacking attacks such as code-injection attacks. Typically, write access to executable pages is prevented and kernel mode execution is restricted to kernel code pages only. ...
Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures
Abstract
Side-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks ...
Algebraic side-channel attacks
Inscrypt'09: Proceedings of the 5th international conference on Information security and cryptology

In 2002, algebraic attacks using overdefined systems of equations have been proposed as a potentially very powerful cryptanalysis technique against block ciphers. However, although a number of convincing experiments have been performed against certain ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

HASP '13: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy

June 2013

77 pages

ISBN:9781450321181

DOI:10.1145/2487726

Conference Chairs:
Ruby Lee
Princeton University
,
Weidong Shi
University of Houston

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGARCH: ACM Special Interest Group on Computer Architecture

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 June 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

HASP '13

Sponsor:

SIGARCH

HASP '13: The Second Workshop on Hardware and Architectural Support for Security and Privacy

June 23 - 24, 2013

Tel-Aviv, Israel

Acceptance Rates

HASP '13 Paper Acceptance Rate 9 of 13 submissions, 69%;

Overall Acceptance Rate 9 of 13 submissions, 69%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
151
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hayoon HOren Y(2022)Time, Memory and Accuracy Tradeoffs in Side-Channel Trace ProfilingCyber Security, Cryptology, and Machine Learning10.1007/978-3-031-07689-3_3(29-46)Online publication date: 23-Jun-2022
https://doi.org/10.1007/978-3-031-07689-3_3
Ma CChandy JMichel LLiu FCruz W(2018)Influence of Error on Hamming Weights for ASCAInformation Security and Cryptology10.1007/978-3-319-75160-3_26(447-460)Online publication date: 4-Feb-2018
https://doi.org/10.1007/978-3-319-75160-3_26
Ma CChandy J(2018)Error Tolerant ASCA on FPGACloud Computing and Security10.1007/978-3-030-00012-7_51(563-572)Online publication date: 13-Sep-2018
https://doi.org/10.1007/978-3-030-00012-7_51
Kazmi AAfzal MAmjad MAbbas HYang X(2017)Algebraic Side Channel Attack on Trivium and Grain CiphersIEEE Access10.1109/ACCESS.2017.27662345(23958-23968)Online publication date: 2017
https://doi.org/10.1109/ACCESS.2017.2766234
Ou CWang ZAi JZhou XSun DDeBrunner VChen XWang XHuang X(2016)Error Tolerance based Single Interesting Point Side Channel CPA DistinguisherProceedings of the 11th ACM on Asia Conference on Computer and Communications Security10.1145/2897845.2897902(819-827)Online publication date: 30-May-2016
https://dl.acm.org/doi/10.1145/2897845.2897902
Ou CWang ZSun DZhou XAi J(2016)A new efficient interesting points enhanced electromagnetic attack on AT89S522016 IEEE International Symposium on Electromagnetic Compatibility (EMC)10.1109/ISEMC.2016.7571639(176-181)Online publication date: Jul-2016
https://doi.org/10.1109/ISEMC.2016.7571639
Oren YWool A(2016)Side-channel cryptographic attacks using pseudo-boolean optimizationConstraints10.1007/s10601-015-9237-321:4(616-645)Online publication date: 1-Oct-2016
https://dl.acm.org/doi/10.1007/s10601-015-9237-3
Oren YWeisse OWool A(2014)A New Framework for Constraint-Based Probabilistic Template Side Channel AttacksProceedings of the 16th International Workshop on Cryptographic Hardware and Embedded Systems --- CHES 2014 - Volume 873110.1007/978-3-662-44709-3_2(17-34)Online publication date: 23-Sep-2014
https://dl.acm.org/doi/10.1007/978-3-662-44709-3_2

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents