1
Unknown Input Attacks in the Parallel Setting
Improving the Security of the CHES 2012 Leakage Resilient PRF
Marcel Medwed, François-Xavier Standaert, Ventzislav Nikov, Martin Feldhofer
2
Outline
SCA Intro
Motivation
Construction & Effects
Analysis
Conclusions
AsiaCrypt Marcel Medwed
3
SCA Intro
4
Attack and Countermeasure Landscape
[Figure: attack and countermeasure landscape around c = Ek(m) with inputs m1, m2, ..., mn. Attacks: timing, instantaneous leakage, faults, probing. Countermeasures: constant (time), detection, limit measurements, low SNR, masking, shielding]
5
The costs of CMs
Masking: O(n^2) costs vs. O(c^n) security
Time randomization (aka shuffling): O(n) costs vs. O(n) security
Fault protection
Combinations are hard (FTDC2016: More Efficient Private Circuits II Through Threshold Implementations)
Key updates to limit measurements
6
Motivation
7
Key updates help
Only two traces per key
Need for bounded leakage for 2 traces
Security only limited by the black box setting
But a stream cipher needs a unique IV
How to seed the PRG securely with bounded leakage?
8
How to initialize: Masking and other CMs
Maybe a performance gain, but no bounded leakage
9
How to initialize: Fresh re-keying
Masking much easier, performance gain, still no bounded leakage
10
How to initialize: LR-PRF
Attempt to instantiate a bounded leakage scheme
Not provably bounded (no arbitrary adaptive leakage function)
However, experiments suggest a bound for practical leakage functions
11
Construction & Effects
12
DPA: Parallelism and Algorithmic Noise (1)
[Figure: key score table (key byte 00..FF vs. score) next to 16 independent S-boxes with inputs pi, keys ki and outputs si; the side channel observes all S-boxes]
P known, K and S unknown
D&C (divide and conquer): only look at one S-box at a time
2-dimensional distribution over P and S, defined by the key
In a profiled attack, 2^8 such distributions are known. Sample the device and compare.
S-boxes are processed in parallel. Non-targeted ones generate noise.
Independent P, independent noise: only more traces needed
Eventually find the key
13
DPA: Parallelism and Algorithmic Noise (2)
Parallelism adds algorithmic noise
[Plot: blue no noise, green 2 parallel S-boxes, ..., purple 16 parallel S-boxes]
But security decreases exponentially
Averaging works only for random plaintexts
Fixing the data complexity to 2 allows bounding the leakage
How can it be fixed to 2?
14
Using the GGM-PRF construction
Use PRF: y = Fk(x)
k being an n-bit secret key
x = x(0)...x(n-1) being a public input
P0 = {0}^128 and P1 = {1}^128
Only 2 plaintexts (many traces though)
But 128 encryptions per operation
How to speed up?
15
Speeding up... and losing security
Only 16 AES encryptions
256 plaintexts
256 traces per key
No security left
Can we do better?
16
Avoiding D&C with carefully chosen PTs (CHES 2012)
[Figure: key score table (key byte 00..FF vs. score) next to 16 S-boxes that all receive the same plaintext byte p with keys k1..k16; the side channel observes key dependent noise]
Noise does not marginalize anymore: the distribution is key dependent
Attack all keys at the same time
17
Carefully Chosen Plaintexts
16 AES encryptions, 256 plaintexts
As PT bytes are equal, divide-and-conquer does not apply anymore
Noise becomes key dependent, cannot be averaged
Even if all key bytes are recovered, the order remains unknown
But:
Ordering 16 bytes is still easy (2^44)
Properties hold only for the first round
16 S-boxes need the same leakage function
Can we do better?
18
Our Contribution: Using Unknown Plaintexts
Precomputation of secret plaintexts using an LR-PRG
Use bits of x to index a table of secret plaintexts
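As an added worked example (not code from the paper or its authors), the three PRF variants from the preceding slides side by side: the 128-stage GGM tree with P0/P1, the 16-stage variant with the 256 CHES 2012 carefully chosen plaintexts, and this paper's variant where the 2^m plaintext table is precomputed with a 2PRG and indexed by bits of x. AES-128 is replaced by an HMAC-SHA256 stand-in (an assumption, so the code runs on the standard library), and evaluate counts block encryptions to show the 128 vs. 16 trade-off.

```python
import hashlib, hmac

BLOCK = 16        # AES-128 block size in bytes
ENCRYPTIONS = 0   # constructed counter of block-cipher calls per evaluation


def block_encrypt(key: bytes, pt: bytes) -> bytes:
    """Stand-in for AES-128 (an assumption of this example): HMAC-SHA256
    truncated to one block, so the code runs on the standard library only."""
    global ENCRYPTIONS
    assert len(key) == BLOCK and len(pt) == BLOCK
    ENCRYPTIONS += 1
    return hmac.new(key, pt, hashlib.sha256).digest()[:BLOCK]


def two_prg(seed: bytes, n: int) -> list:
    """2PRG: under each running key only P0 and P1 are ever encrypted;
    E_k(P0) becomes the next key and E_k(P1) is an output block."""
    p0, p1 = bytes([0x00]) * BLOCK, bytes([0xFF]) * BLOCK
    k, out = seed, []
    for _ in range(n):
        out.append(block_encrypt(k, p1))
        k = block_encrypt(k, p0)
    return out


def chosen_plaintexts() -> list:
    """CHES 2012 set: 256 plaintexts whose 16 bytes are all equal."""
    return [bytes([b]) * BLOCK for b in range(256)]


def unknown_plaintexts(secret_seed: bytes, m: int) -> list:
    """This paper's set: 2^m secret plaintexts precomputed with the 2PRG."""
    return two_prg(secret_seed, 1 << m)


def tree_prf(key: bytes, x: bytes, plaintexts: list, m: int) -> bytes:
    """GGM-style tree PRF: x is consumed m bits per stage, each chunk indexes
    a plaintext, and its encryption under the running key becomes the next
    key. m=1 with [P0, P1] gives 128 stages, m=8 gives 16 stages."""
    nbits = len(x) * 8
    assert len(plaintexts) == 1 << m and nbits % m == 0
    chunks, k = int.from_bytes(x, "big"), key
    for stage in range(nbits // m):
        idx = (chunks >> (nbits - m * (stage + 1))) & ((1 << m) - 1)
        k = block_encrypt(k, plaintexts[idx])
    return k


def evaluate(key: bytes, x: bytes, plaintexts: list, m: int):
    """Evaluate the PRF and return (y, number of block encryptions used)."""
    global ENCRYPTIONS
    ENCRYPTIONS = 0
    y = tree_prf(key, x, plaintexts, m)
    return y, ENCRYPTIONS
```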
19
Avoiding D&C with Unknown PTs (1)
[Figure: key score table (key byte 00..FF vs. score) next to 16 S-boxes with secret plaintexts p1..p16 and keys k1..k16; the side channel observes all S-boxes]
Attack all at the same time: key dependent noise
Second-order attack, much more sensitive to noise
Only profiled attacks work (no info on p)
20
Security of Unknown Plaintexts
Only profiled attacks work
Key dependent noise impacts a two-dimensional distribution (2nd-order SCA)
Key dependent noise is present in the entire algorithm
21
Analysis
22
Distribution Distances
We match sub key distributions to the device distribution
Carefully chosen plaintexts only prevent ordering (+ some misranking)
For unknown plaintexts the device distribution is much more distorted
23
Looking at the sub key distributions
Carefully chosen plaintexts:
Correct sub keys are ranked first
Best ranked sub key is always one of the correct ones
Worst ranked sub key is likely to be < rank 20
24
Looking at the sub key distributions
[Plots: carefully chosen plaintexts vs. unknown plaintexts]
25
Conclusions
26
Conclusion (1)
Bounded leakage against realistic attacks with few assumptions
No equal leakage assumption
No randomness needed
Works with plain, parallel AES
Speed up depends on memory: 2^m PTs, m times faster
27
Conclusion (2)
Lots of analysis done: leakage models, implementation flaws, template building errors, ...
But more is needed (for masking it took >10 years to understand most issues)
Security depends on security against 2 noise-free traces (2PRG)
Future work:
Localized EM attacks (as they can overcome parallelism)
Use other tools in the attack
29
Localized EM Attacks
Likely to reduce parallelism
[Plot: blue: attack on 2PRG; green: attack on PRF with 16 unknown plaintexts; red: attack on secret plaintexts]
At least >2 plaintexts are required, uncertainty multiplies