SLIDE 1

List decoding of RM(1,m) and Multi-linear cryptanalysis Application to Power Analysis attacks : MLPA Conclusion and Open persp

Yet another side-channel attack: Multi-linear Power Analysis attack (MLPA)

Thomas Roche, Cédric Tavernier

Laboratoire LIG, Grenoble, France. Communications and Systems, Le Plessis Robinson, France.

Cryptopuces Porquerolles

8 June 2009

SLIDE 2

Plan

1 List decoding of the First order Reed-Muller codes and Multi-linear cryptanalysis
  Multi-linear cryptanalysis
  List Decoding of RM(1,m) codes
  Complexity
2 Application to Power Analysis attacks : MLPA
  MLPA attack
  MLPA vs Other approaches
  A template-like attack
3 Conclusion and Open perspectives

SLIDE 3

Multi-linear cryptanalysis

Symmetric cipher (4-bit plaintexts, 4-bit key)

[Figure: block cipher E taking plaintext P and key K to ciphertext C]

SLIDE 4

Multi-linear cryptanalysis

Symmetric cipher (4-bit plaintexts, 4-bit key)

[Figure: block cipher E with plaintext bits p0, p1, p2, p3, key bits k0, k1, k2, k3 and ciphertext bits c0, c1, c2, c3]

SLIDE 5

Multi-linear cryptanalysis

Linear approximations

[Figure: block cipher E with the bits p1, p3, k0, k2 and c0, c1, c3 of the approximation below XORed together]

The linear approximation $p_1 \oplus p_3 \oplus k_0 \oplus k_2 = c_0 \oplus c_1 \oplus c_3$ holds with probability $p = 1/2 + \epsilon$.

SLIDE 6

Multi-linear cryptanalysis

Multi-linear cryptanalysis

$$\begin{cases}
k_0 \oplus k_2 = p_1 \oplus p_3 \oplus c_0 \oplus c_1 \oplus c_3 & p = 1/2 + \epsilon_1 \\
k_0 \oplus k_1 \oplus k_2 = p_0 \oplus p_2 \oplus c_2 \oplus c_3 & p = 1/2 + \epsilon_2 \\
k_1 \oplus k_3 = p_2 \oplus p_3 \oplus c_1 \oplus c_3 & p = 1/2 + \epsilon_3 \\
k_1 \oplus k_2 \oplus k_3 = p_0 \oplus p_1 \oplus p_2 \oplus p_3 \oplus c_2 \oplus c_3 & p = 1/2 + \epsilon_4
\end{cases}$$

Complexity of the attack [Biry 04]: given n linear approximations $\langle \alpha_i, P \rangle \oplus \langle \mu_i, K \rangle = \langle \beta_i, E(P, K) \rangle$,

$$\#\text{Plaintexts} = O\!\left(\frac{1}{\sum_i \epsilon_i^2}\right).$$
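
Where the $O(1/\sum_i \epsilon_i^2)$ data complexity comes from, as an added sketch that is not on the slides (it assumes the $n$ approximations behave as independent estimates over $N$ plaintext/ciphertext pairs, the heuristic behind [Biry 04]). For approximation $i$, the observed bias

$$\hat\epsilon_i = \frac{\#\{\text{pairs for which approximation } i \text{ holds}\}}{N} - \frac12, \qquad \mathbb{E}[\hat\epsilon_i] = \epsilon_i, \qquad \operatorname{Var}[\hat\epsilon_i] = \frac{p_i(1-p_i)}{N} \approx \frac{1}{4N}.$$

Weighting each counter by its known bias gives the statistic $T = \sum_i \epsilon_i \hat\epsilon_i$, with

$$\mathbb{E}[T] = \sum_i \epsilon_i^2, \qquad \operatorname{Var}[T] \approx \frac{1}{4N}\sum_i \epsilon_i^2, \qquad \frac{\mathbb{E}[T]}{\sqrt{\operatorname{Var}[T]}} = 2\sqrt{N \sum_i \epsilon_i^2},$$

so holding this signal-to-noise ratio at a fixed constant $c$ (a fixed success probability) requires $N = c^2 / (4 \sum_i \epsilon_i^2) = O\!\left(1/\sum_i \epsilon_i^2\right)$ plaintexts; a single approximation is the case $n = 1$, $N = O(1/\epsilon^2)$.
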


SLIDE 8

Multi-linear cryptanalysis

Multivariate degree 1 polynomial reconstruction

[Figure: block cipher E taking plaintext P and key K to ciphertext C]

$$\langle \alpha, P \rangle \oplus \langle \mu, K \rangle = \langle \beta, E(P, K) \rangle$$

SLIDE 9

List Decoding of RM(1,m) codes

Reed-Muller code properties

Definition of RM(1, m): $RM(1, m) = \{ f \in GF(2)^{(1)}[x_1, x_2, \cdots, x_m] \}$;
Usual representation: $(f(0), f(1), \cdots, f(2^m - 1))$;
Boolean representation: $f = f_1 x_1 \oplus f_2 x_2 \oplus \cdots \oplus f_m x_m$;
a code of length $n = 2^m$ and minimal distance $d = n/2$.

Classical problem: given a Boolean function g, we want to construct the list $\{ f \in RM(1, m) \mid d_H(f, g) \le n(1/2 - \epsilon) \}$, which is equivalent to
$$L_g(\epsilon) = \Big\{ f \in RM(1, m) \;\Big|\; l(g)(f) = \sum_{x \in GF(2)^m} (-1)^{f(x) \oplus g(x)} \ge 2\epsilon n \Big\}.$$

Johnson bound: in fact $|L_g(\epsilon)| \le \dfrac{1}{4\epsilon^2}$.

SLIDE 10

List Decoding of RM(1,m) codes

List Decoding Algorithms

A simple idea:
$$2\epsilon n \le |l(g)(f)| \le \sum_{s \in GF(2)^{m-i}} \Big| \sum_{r \in GF(2)^i} (-1)^{g(r,s) \oplus f^{(i)}(r)} \Big| \quad \text{where } f^{(i)} = f_1 x_1 \oplus \cdots \oplus f_i x_i.$$

Screening process: we suggest $f_i$ and check whether the inequality is satisfied.
$$\Rightarrow\; L_g^{(i)}(\epsilon) = \Big\{ f \in RM(1, i) \;\Big|\; \sum_{s} \Big| \sum_{r \in GF(2)^i} (-1)^{g(r,s) \oplus f(r)} \Big| \ge 2\epsilon n \Big\}.$$

In fact $M = |L_g^{(i)}(\epsilon)| \le \dfrac{1}{4\epsilon^2}$. With $E = L_g^{(i)}(\epsilon)$:
$$4 n \epsilon^2 M \le \sum_{a \in E} \sum_{b \in E} \sum_{s} \Big| \sum_{r \in GF(2)^i} (-1)^{g(r,s) \oplus a^{(i)}(r) \oplus g(r,s) \oplus b^{(i)}(r)} \Big| \le n.$$
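
An added example (not from the slides) of the screening decoder just described, in Python: it lists every linear function within Hamming distance $n(1/2 - \epsilon)$ of a Boolean function given by its truth table, and is exercised on the Hamming-weight bits $h_0, h_1$ of a 4-bit word (the leakage model of slide 16) and on a constructed noisy linear function. Function and variable names are my own; the code is the plain screening idea, not the authors' optimised algorithm.

```python
def parity(v):
    """Parity of the set bits of v; parity(mask & x) is the GF(2) inner product <mask, x>."""
    return bin(v).count("1") & 1

def walsh(table, mask):
    """l(g)(f) = sum_x (-1)^(f(x) XOR g(x)) for the linear f(x) = <mask, x>,
    with g given as its truth table (g(0), ..., g(2^m - 1))."""
    return sum(1 if table[x] == parity(mask & x) else -1 for x in range(len(table)))

def list_decode(table, m, eps):
    """Screening list decoder for RM(1, m): the 'simple idea' of slide 10.

    Returns [(mask, l(g)(f))] for every linear f with |l(g)(f)| >= 2*eps*n, i.e.
    every f within Hamming distance n(1/2 - eps) of g or of g XOR 1.  Coefficient
    f_i (bit i-1 of mask) is suggested one at a time; a prefix f^(i) survives only
    if sum_s |sum_r (-1)^(g(r,s) XOR f^(i)(r))| >= 2*eps*n, r over the first i
    input bits, s over the other m-i.  That sum bounds |l(g)(f)| for every
    completion of the prefix, so pruning never drops a list member, and at i = m
    it equals |l(g)(f)| (plain screening, not the O(m/eps^2) refinement)."""
    n = 1 << m
    threshold = 2 * eps * n
    prefixes = [0]
    for i in range(1, m + 1):
        survivors = []
        for prefix in prefixes:
            for f_i in (prefix, prefix | (1 << (i - 1))):  # suggest f_i = 0, then 1
                bound = 0
                for s in range(1 << (m - i)):
                    inner = 0
                    for r in range(1 << i):
                        inner += 1 if table[r | (s << i)] == parity(f_i & r) else -1
                    bound += abs(inner)
                if bound >= threshold:
                    survivors.append(f_i)
        prefixes = survivors
    return [(f, walsh(table, f)) for f in prefixes]

# Constructed inputs (not from the slides).  h0 and h1 are bits of the Hamming
# weight of a 4-bit word (slide 16): h0 is exactly linear, while h1 has
# |l(g)(f)| = 4 = n/4 for all 16 linear f, i.e. bias 1/8 with everything.
HW_BIT0 = [bin(x).count("1") & 1 for x in range(16)]
HW_BIT1 = [(bin(x).count("1") >> 1) & 1 for x in range(16)]
# A 6-variable linear function <0b101101, x> with 8 of its 64 outputs flipped.
TRUE_MASK, NOISE = 0b101101, {3, 9, 17, 22, 30, 41, 50, 63}
NOISY_LINEAR = [parity(TRUE_MASK & x) ^ (x in NOISE) for x in range(64)]

if __name__ == "__main__":
    print(list_decode(HW_BIT0, 4, 0.4))         # [(15, 16)]: h0 = x1 + x2 + x3 + x4
    print(len(list_decode(HW_BIT1, 4, 0.125)))  # 16: meets the Johnson bound 1/(4 eps^2)
    print(list_decode(NOISY_LINEAR, 6, 0.25))   # [(45, 48)]: the planted mask, 64 - 2*8
```

With $\epsilon = 1/8$ the list for $h_1$ has exactly $1/(4\epsilon^2) = 16$ members, so the Johnson bound of slide 9 is tight there; raising $\epsilon$ to $0.2$ empties it.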
SLIDE 11

Complexity

Complexity

Worst case complexity: the complexity of this algorithm is in $O(n \log_2^2(\epsilon))$ [I Du 07]. The complexity of the probabilistic version is in $O(m^2/\epsilon^6)$ [Kaba 04]. The result can be of size $m/(2\epsilon^2)$, thus the optimal complexity could be in $O(m/\epsilon^2)$.

Optimal complexity: in fact the Goldreich-Levin algorithm is in $O(m/\epsilon^4)$.
• I. Dumer, G. Kabatiansky and C. Tavernier, not yet published: $O(m/\epsilon^2)$.


SLIDE 13

Side channel measurements

[Figure: block cipher E with plaintext bits p0, p1, p2, p3, key bits k0, k1, k2, k3 and ciphertext bits c0, c1, c2, c3]


SLIDE 15

MLPA attack

Linear approximations and Power Analysis

[Figure: block cipher E with plaintext bits p0, p1, p2, p3, key bits k0, k1, k2, k3 and ciphertext bits c0, c1, c2, c3]

HD and HW models: the leaked information is related to the Hamming weight of the manipulated data.

SLIDE 16

MLPA attack

Linear approximations and Power Analysis

[Figure: the same cipher, with the bits h0, h1, h2 ∼ HW(·) of the Hamming weight of the intermediate data added to the diagram]

SLIDE 17

MLPA attack

Attack algorithm and results on DPA-contest traces

1 Offline static computation: find many good approximations of the intermediate data Hamming weight (for every output mask).
2 Online attack: multi-linear cryptanalysis assuming "Leaked information = Hamming distance".

From traces "secmatv1 2006 04 0809", http://www.dpacontest.org/

Results

| Cipher | rounds | # linear equ. | # key bits | # traces |
| DES | 1 | 84 | 20 | 1000 |
| DES | 1 | 84 | 45 | 20000 |
| DES | 2 | 163 | 10 | 1000 |
| DES | 2 | 163 | 47 | 36000 |

Tab.: Attack on DPA-contest traces

SLIDE 18

MLPA attack

Approximation examples

Output Mask (in binary): 100000

| Bias | Equations (plain part) | Equations (key part) |
| 0.0215 | 1 + P[5, 26, 27, 31, 45, 53, 61] + | K[6, 7, 29, 38, 52] |
| 0.0134 | 0 + P[28, 29, 31, 37, 45, 53] + | K[6, 7, 29, 61] |
| 0.0156 | 1 + P[5, 28, 29, 31, 37, 45] + | K[6, 29, 38, 61] |
| 0.0189 | 1 + P[5, 28, 29, 31, 37, 53] + | K[7, 29, 38, 61] |
| 0.0163 | 0 + P[5, 8, 9, 37, 45, 53, 61] + | K[6, 7, 38, 52, 61] |
| 0.0223 | 0 + P[5, 14, 15, 31, 37, 45, 61] + | K[6, 29, 38, 52, 61] |
| 0.0182 | 0 + P[5, 28, 29, 31, 37, 53, 61] + | K[7, 29, 38, 52, 61] |
| 0.0157 | 1 + P[5, 26, 27, 31, 37, 53, 61] + | K[7, 29, 38, 52, 61] |
| 0.0191 | 0 + P[5, 26, 27, 31, 37, 45, 53, 61] + | K[6, 7, 29, 38, 52, 61] |

SLIDE 19

MLPA vs Other approaches

Classical Power Analysis attacks

[Figure: block cipher E with plaintext bits p0, p1, p2, p3, key bits k0, k1, k2, k3 and ciphertext bits c0, c1, c2, c3]

Limitations: the targeted intermediate data must depend on fewer than 32 key bits.


SLIDE 21

MLPA vs Other approaches

Countermeasures

The implementation is safe if one can shut down all information leakages:
• Suppress synchronization elements (buses and registers), and/or
• Randomize the data processed (masking techniques [Akka 01, Akka 03, Akka 04, Lv 05]), and/or
• Add random useless computations, and/or
• Balanced dynamic dual-rail gate designs, and/or
• ...

Secure ... but not for free! E.g. ”Three 32-Bit Random Masks and Six Additional S-Boxes are the Minimal Cost for a Secure DES Implementation” [Lv 05].


SLIDE 23

MLPA vs Other approaches

Glued Blocks

Possible solution: concentrate on the first and last rounds, i.e. no information leaks during these critical rounds ⇒ no observable intermediate value depends on fewer than 32 key bits. A sufficient countermeasure against DPA-like attacks, CPA, MIA, etc. ... but not against MLPA!

SLIDE 24

A template-like attack

Training device attack

Remark: the list-decoding algorithm operates on the target Boolean function as a black box.

Getting the linear approximations from a twin board, i.e. with chosen plaintexts and keys:
• approximations directly linked to the leaked information, hence much more accurate;
• no need to choose a power consumption model;
• no need to know the target block cipher;
• still need to know where/when to attack.

SLIDE 25

Next steps on MLPA:
• MLPA on a consumption measurement refinement.
• Simultaneous MLPA on several rounds.
• HO-MLPA.
• MLPA on static masked implementation.
• Other block ciphers.
• Better linear approximations.
• MLPA template attack.
• Unknown block cipher attack.

SLIDE 26

The end.

SLIDE 27

References I

• M.-L. Akkar and C. Giraud. “An Implementation of DES and AES, Secure against Some Attacks”. In: Çetin Kaya Koç, D. Naccache, and C. Paar, Eds., CHES, pp. 309–318, Springer, 2001.
• M.-L. Akkar and L. Goubin. “A Generic Protection against High-Order Differential Power Analysis”. In: T. Johansson, Ed., FSE, pp. 192–205, Springer, 2003.
• M.-L. Akkar, R. Bevan, and L. Goubin. “Two Power Analysis Attacks against One-Mask Methods”. In: B. K. Roy and W. Meier, Eds., FSE, pp. 332–347, Springer, 2004.

SLIDE 28

References II

• A. Biryukov, C. D. Cannière, and M. Quisquater. “On Multiple Linear Approximations”. In: M. K. Franklin, Ed., CRYPTO, pp. 1–22, Springer, 2004.
• I. Dumer, G. Kabatiansky and C. Tavernier. “List Decoding of the First Order Binary Reed Muller Codes”. Problems of Information Transmission, Vol. 43, No. 3, pp. 225–232, 2007.
• G. Kabatiansky and C. Tavernier. “List decoding with Reed Muller codes of order one”. In: Ninth International Workshop on Algebraic and Combinatorial Coding Theory, pp. 230–236, 2004.

SLIDE 29

References III

• J. Lv and Y. Han. “Enhanced DES Implementation Secure Against High-Order Differential Power Analysis in Smartcards”. In: C. Boyd and J. M. G. Nieto, Eds., ACISP, pp. 195–206, Springer, 2005.