Skip to main content
SpringerLink
Log in

Hiding Higher-Order Side-Channel Leakage

Randomizing Cryptographic Implementations in Reconfigurable Hardware

  • Conference paper
  • First Online:
Topics in Cryptology – CT-RSA 2017 (CT-RSA 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10159))

Included in the following conference series:

Abstract

First-order secure Threshold Implementations (TI) of symmetric cryptosystems provide provable security at a moderate overhead; yet attacks using higher-order statistical moments are still feasible. Cryptographic instances compliant to Higher-Order Threshold Implementation (HO-TI) can prevent such attacks, however, usually at unacceptable implementation costs. As an alternative concept we investigate in this work the idea of dynamic hardware modification, i.e., random changes and transformations of cryptographic implementations in order to render higher-order attacks on first-order TI impractical. In a first step, we present a generic methodology which can be applied to (almost) every cryptographic implementation. In order to investigate the effectiveness of our proposed strategy, we use an instantiation of our methodology that adapts ideas from White-Box Cryptography and applies this construction to a first-order secure TI. Further, we show that dynamically updating cryptographic implementations during operation provides the ability to avoid higher-order leakages to be practically exploitable.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    For a more detailed description, please refer to the original articles [4, 15, 16].

  2. 2.

    Given for instance a linear operation within a cryptographic implementation (e.g., MixColumns of the AES algorithm) and the application of linear encoding functions would allow to keep encoded intermediate values. However, the decoding function then has to consider the inversion of the linear operation as well.

References

  1. Side-Channel AttacK User Reference Architecture. http://satoh.cs.uec.ac.jp/SAKURA/index.html

  2. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side—channel(s). In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003). doi:10.1007/3-540-36400-5_4

    Chapter  Google Scholar 

  3. Beyne, T., Bilgin, B.: Uniform First-Order Threshold Implementations. Cryptology ePrint Archive, Report 2016/715 (2016). http://eprint.iacr.org/2016/715

  4. Bilgin, B., Gierlichs, B., Nikova, S., Nikov, V., Rijmen, V.: Higher-order threshold implementations. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 326–343. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45608-8_18

    Google Scholar 

  5. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74735-2_31

    Chapter  Google Scholar 

  6. Chow, S., Eisen, P., Johnson, H., Oorschot, P.C.: A white-box DES implementation for DRM applications. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 1–15. Springer, Heidelberg (2003). doi:10.1007/978-3-540-44993-5_1

    Chapter  Google Scholar 

  7. Chow, S., Eisen, P., Johnson, H., Oorschot, P.C.: White-box cryptography and an AES implementation. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 250–270. Springer, Heidelberg (2003). doi:10.1007/3-540-36492-7_17

    Chapter  Google Scholar 

  8. Delerablée, C., Lepoint, T., Paillier, P., Rivain, M.: White-box security notions for symmetric encryption schemes. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 247–264. Springer, Heidelberg (2014). doi:10.1007/978-3-662-43414-7_13

    Chapter  Google Scholar 

  9. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). doi:10.1007/3-540-68697-5_9

    Google Scholar 

  10. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). doi:10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  11. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)

    MATH  Google Scholar 

  12. Mentens, N., Gierlichs, B., Verbauwhede, I.: Power and fault analysis resistance in hardware through dynamic reconfiguration. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 346–362. Springer, Heidelberg (2008). doi:10.1007/978-3-540-85053-3_22

    Chapter  Google Scholar 

  13. Moradi, A., Mischke, O.: Comprehensive evaluation of AES dual ciphers as a side-channel countermeasure. In: Qing, S., Zhou, J., Liu, D. (eds.) ICICS 2013. LNCS, vol. 8233, pp. 245–258. Springer, Heidelberg (2013). doi:10.1007/978-3-319-02726-5_18

    Chapter  Google Scholar 

  14. Moradi, A., Wild, A.: Assessment of hiding the higher-order leakages in hardware. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 453–474. Springer, Heidelberg (2015). doi:10.1007/978-3-662-48324-4_23

    Chapter  Google Scholar 

  15. Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529–545. Springer, Heidelberg (2006). doi:10.1007/11935308_38

    Chapter  Google Scholar 

  16. Nikova, S., Rijmen, V., Schläffer, M.: Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptol. 24(2), 292–321 (2011)

    Article  MathSciNet  MATH  Google Scholar 

  17. Poschmann, A., Moradi, A., Khoo, K., Lim, C., Wang, H., Ling, S.: Side-channel resistant crypto for less than 2,300 GE. J. Cryptol. 24(2), 322–345 (2011)

    Article  MathSciNet  MATH  Google Scholar 

  18. Reparaz, O., Bilgin, B., Nikova, S., Gierlichs, B., Verbauwhede, I.: Consolidating masking schemes. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 764–783. Springer, Heidelberg (2015). doi:10.1007/978-3-662-47989-6_37

    Chapter  Google Scholar 

  19. Sasdrich, P., Moradi, A., Güneysu, T.: Affine equivalence and its application to tightening threshold implementations. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 263–276. Springer, Heidelberg (2016). doi:10.1007/978-3-319-31301-6_16

    Chapter  Google Scholar 

  20. Schneider, T., Moradi, A.: Leakage assessment methodology. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 495–513. Springer, Heidelberg (2015). doi:10.1007/978-3-662-48324-4_25

    Chapter  Google Scholar 

  21. Schneider, T., Moradi, A.: Leakage assessment methodology - extended version. J. Cryptogr. Eng. 6(2), 85–99 (2016)

    Article  Google Scholar 

  22. Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34961-4_44

    Chapter  Google Scholar 

  23. Xiao, Y., Lai, X.: A secure implementation of white-box AES. In: 2nd International Conference on Computer Science and its Applications (2009)

    Google Scholar 

Download references

Acknowledgment

This work has been co-funded by the Commission of the European Communities through the Horizon 2020 program under project number 645622 PQCRYPTO.

Author information

Authors and Affiliations

  1. Horst Görtz Institute for IT-Security, Ruhr-Universität Bochum, Bochum, Germany

    Pascal Sasdrich & Amir Moradi

  2. University of Bremen & DFKI, Bremen, Germany

    Tim Güneysu

Authors
  1. Pascal Sasdrich
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amir Moradi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tim Güneysu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pascal Sasdrich .

Editor information

Editors and Affiliations

  1. Cryptography Research Inc. , San Francisco, California, USA

    Helena Handschuh

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Sasdrich, P., Moradi, A., Güneysu, T. (2017). Hiding Higher-Order Side-Channel Leakage. In: Handschuh, H. (eds) Topics in Cryptology – CT-RSA 2017. CT-RSA 2017. Lecture Notes in Computer Science(), vol 10159. Springer, Cham. https://doi.org/10.1007/978-3-319-52153-4_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-52153-4_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-52152-7

  • Online ISBN: 978-3-319-52153-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation