Fresh Re-Keying: Security against Side-Channel and Fault Attacks (PowerPoint presentation)
SLIDE 1

Fresh Re-Keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices

Marcel Medwed, François-Xavier Standaert, Johann Großschädl, Francesco Regazzoni

TU Graz / IAIK / VLSI, Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security, http://www.iaik.tugraz.at

AFRICACRYPT 2010

SLIDE 6
  • Implementation Attacks
  • Fresh Re-keying
  • Hardware Architecture
  • Security Analysis
  • Further research and Conclusions
SLIDE 7

| Attack | # Invocations | Goals (in symmetric setup) | Uses… |
|---|---|---|---|
| Simple Power Analysis (SPA) | One or few power traces | Extract Hamming weights of intermediate values | Profiling and good knowledge about implementation |
| Differential Power Analysis (DPA) | 10s - 100s power traces | Exhaustively recover sub-keys | Divide-and-conquer approach and statistics |
| Differential Fault Analysis (DFA) | 2+ encryptions under the same key and plaintext | Reduce key entropy to allow exhaustive search | |

SLIDE 8
  • Input m → Output {c, r}
  • f_{k*} is e.g. AES with session key k*
  • g_k(r) does the re-keying
  • Just shift the problem to g_k(r)?
  • Yes, but g_k(r) will be easy to protect

SLIDE 10
  • P1: Diffusion
  • P2: No need for synchronization
  • P3: No additional key material
  • P4: Little hardware overhead
  • P5: Easy to protect against SCA
  • P6: Regularity

Candidates for g:
  • k* = k xor r
  • k* = Hash_k(r)
  • k* = k * r (mod GF(2^8)[y]/(y^16 + 1))

SLIDE 11
  • Implementation Attacks
  • Fresh Re-keying
  • Hardware Architecture
      • Shuffling
      • Secure Logic
      • Blinding
      • Post synthesis results
  • Security Analysis
  • Further research and Conclusions
SLIDE 12

[Figure: hardware multiplier sketched for a three-digit example, k = (k2, k1, k0) times r = (r2, r1, r0); the partial products r_i k_j are accumulated into the output digits k2*, k1*, k0* by index (i + j) mod 3, e.g. k0* collects r0k0, r2k1 and r1k2]

SLIDE 13
  • Use randomized, redundant representation of data
  • Addition and multiplication are distributive
  • k* = k*r = (k+b)*r + b*r
  • Allows arbitrary blinding order
SLIDE 15

[Figure: post-synthesis area in kGE (y-axis, 5 to 25) versus blinding order (x-axis, 1 to 3) for g+AES, g-pMAC+AES, pAES and AES]

SLIDE 16
  • Implementation Attacks
  • Fresh Re-keying
  • Hardware Architecture
  • Security Analysis
      • Choice of k
      • Security against DFA
      • Component-wise Security (SPA and DPA)
      • Security of the Complete Scheme (D&C)
  • Further research and Conclusions
SLIDE 17
  • Not every ring element is a unit
  • Choosing a multiple of (y+1) leads to a reduced session-key space
  • Accounts for a loss of entropy of 0.0056 bits out of 128

SLIDE 18
  • DFA needs 2+ encryptions under the same key
  • Re-keying thus provides a solid protection

SLIDE 19
  • SPA and DPA against g
      • Blinding
      • Shuffling
      • Secure Logic
      • An adversary might get Hamming weights of result digits with unknown indices
  • SPA on AES
      • Shuffling
SLIDE 20
  • One bit of k* depends on HW(r) bits of k
  • #bits for hypothesis usually > 1
  • #traces for attack usually > 1
  • #bits in total
SLIDE 22
  • Observe traces with HW(r) ≤ 15
  • Need to record ~n_t * 2^44 traces
  • Set n_t = 5 and n_g = 1 → 2^60 hypotheses
SLIDE 23
  • Implementation Attacks
  • Fresh Re-keying
  • Hardware Architecture
  • Security Analysis
  • Further research and Conclusions
      • Algebraic Side-Channel Attacks
      • The best Choice for g
      • Two parties
SLIDE 24
  • g has a simple structure
  • Thus ASCA is likely to apply
  • Shuffling thwarts basic ASCA
  • Topic is recent, needs further investigation
SLIDE 25
  • We picked g since it fulfills the minimum requirements
  • There might be better choices
  • Randomness extractors?
SLIDE 26
  • How to extend the scheme to two parties
  • Restrict the choice of r
  • Does coding theory help?
SLIDE 27
  • Fresh re-keying separates the system into an SCA target and a cryptanalysis target
  • SCA target generates the session key, is small and is easy to protect
  • Complete solution is more efficient than previous proposals (area and security)
  • Only one party can be protected
  • Lots of further research…