谢满德,沈海斌,竺红卫

DOI: https://doi.org/10.3969/j.issn.1004-3365.2004.06.003

2004-01-01

Abstract:The fundamental principle of differential power analysis (DPA) attacks against universal cryptosystems and a particular theory of DPA attacks against data encryption standard (DES) algorithm are described in detail. An improved algorithm is proposed for DPA. Based on the analysis of noise characteristics of the power signals, an approach to modeling the signal-to-noise ratio (SNR) is proposed and corresponding theory is demonstrated. Finally, experimental results of the algorithm are presented.

Xie Jun,Sun Wei,Gu Dawu,Guo Zheng,Liu Junrong,Bao Sigang,Ma Bo

DOI: https://doi.org/10.2991/csic-15.2015.24

2015-01-01

Abstract:The HMAC algorithm is widely used to provide authentication and message integrity in digital communications. However, if the HMAC cryptographic algorithm is implemented in cryptographic circuit, it is vulnerable to side-channel attacks. A typical example is that in 2007, McEvoy proposed an attack strategy for hardware-based implementation of HMAC-SHA2. In this paper, we research on SM3 cryptographic hash algorithm and propose a DPA attack strategy for the software-based implementation of HMAC-SM3. In the experiment, we launch a successful DPA attack on the practical cryptographic circuit and then discuss the security issues about the software-based implementation of HMAC-SM3.

Limin Guo,Lihui Wang,Qing Li,Zhimin Zhang,Dan Liu,Weijun Shan

DOI: https://doi.org/10.2991/iset-15.2015.25

2015-01-01

Abstract:HMAC algorithm is one of the most famous keyed hash functions, and widely utilized. And SM3 is the only standard hash algorithm of China. However, most cryptographic algorithms implementations are vulnerable against side channel attacks. But specific side channel attacks on HMAC-SM3 have not been given so far. This paper presents a first-order DPA attack on HMAC-SM3. HMAC-SM3 hash algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the proposed DPA attack is mainly against these basic group operations. Experimental results are given by attacking an implementation of HMAC-SM3 in a smart card, which demonstrate the practicability of such attacks described in this paper.

Limin Guo,Lihui Wang,Dan Liu,Weijun Shan,Zhimin Zhang,Qing Li,Jun Yu

DOI: https://doi.org/10.1109/cis.2015.91

2015-01-01

Abstract:The HMAC algorithm involves a hash function with a secret key. And SM3 is the only standard hash algorithm of China. HMAC-SM3 algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the classical side-channel attacks on it are mainly against these basic group operations and need to exploit multiple leakage models. Therefore, the attack procedures are complicated. What's more, it is difficult to recover the whole inner keyed state if the noise level of the target implementation are relatively high. In this paper, we present a chosen-plaintext differential power analysis attack on HMAC-SM3. The new proposed chosen-plaintext attack method is simply against modulo addition operation and can be easily carried out by collecting power consumption traces four times while certain chosen messages are processed by the target device separately. Experimental results are given using an implementation of HMAC-SM3 algorithm in a smart card.

Jian Guo,Yu Sasaki,Lei Wang,Shuang Wu

2015-01-01

Abstract:In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on “original” key recovery for HMAC (previous works only succeeded in recovering the equivalent keys). Interestingly, the number of attacked rounds is comparable with that for collision and preimage attacks on Whirlpool hash function itself. Lastly, we present a distinguishing-H attack against the full HMACand NMAC-Whirlpool.

Jian Guo,Yu Sasaki,Lei Wang,Meiqin Wang,Long Wen

DOI: https://doi.org/10.1007/978-3-662-46706-0_29

2015-01-01

Abstract:A main contribution of this paper is an improved analysis against HMAC instantiating with reduced Whirlpool. It recovers equivalent keys, which are often denoted as K-in and K-out, of HMAC with 7-round Whirlpool, while the previous best attack can work only for 6 rounds. Our approach is applying the meet-in-the-middle (MITM) attack on AES to recover MAC keys of Whirlpool. Several techniques are proposed to bypass different attack scenarios between a block cipher and a MAC, e.g., the chosen plaintext model of the MITM attacks on AES cannot be used for HMAC-Whirlpool. Besides, a larger state size and different key schedule designs of Whirlpool leave us a lot of room to study. As a result, equivalent keys of HMAC with 7-round Whirlpool are recovered with a complexity of (Data, Time, Memory) = (2(481.7), 2(482.3), 2(481)).

Ye Yuan,Kai-ge Qu,Li-ji Wu,Jia-wei Ma,Xiang-min Zhang

DOI: https://doi.org/10.1631/fitee.1800312

IF: 2.526

2019-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Hash-based message authentication code (HMAC) is widely used in authentication and message integrity. As a Chinese hash algorithm, the SM3 algorithm is gradually winning domestic market value in China. The side channel security of HMAC based on SM3 (HMAC-SM3) is still to be evaluated, especially in hardware implementation, where only intermediate values stored in registers have apparent Hamming distance leakage. In addition, the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis. In this paper, a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation. Real attack experiments on a field programmable gate array (FPGA) board have been performed. Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.

Wei Li,Zhiyong Gao,Dawu Gu,Chenyu Ge,Linfeng Liao,Zhihong Zhou,Ya Liu,Zhiqiang Liu

DOI: https://doi.org/10.3837/tiis.2017.01.028

2016-01-01

Abstract:With the advancement and deployment of leading-edge telecommunication technologies for sensing and collecting, computing related information, Cloud of Things (CoTs) has emerged as a typical application platform that is envisioned to revolutionize the daily activities of human society, such as intelligent transportation, modern logistics, food safety, environmental monitoring, etc. To avoid any possible malicious attack and resource abuse, employing hash functions is widely recognized as one of the most effective approaches for CoTs to achieve message integrity and data authentication. The Whirlpool hash function has served as part of the joint ISO/IEC 10118-3 International Standard by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). In this paper, we propose an effective differential fault analysis on Whirlpool in the byte-oriented random fault model. The mathematical analysis and experimental results show that 8 random faults on average are required to obtain the current 512-bit message input of whirlpool and the secret

Han Gan,Hongxin Zhang,Muhammad Saad Khan,Xueli Wang,Fan Zhang,Pengfei He

DOI: https://doi.org/10.1109/cc.2017.8068768

2017-01-01

China Communications

Abstract:Correlation power analysis (CPA) has become a successful attack method about crypto-graphic hardware to recover the secret keys. However, the noise influence caused by the random process interrupts (RPIs) becomes an important factor of the power analysis attack efficiency, which will cost more traces or attack time. To address the issue, an improved method about empirical mode decomposition (EMD) was proposed. Instead of restructuring the decomposed signals of intrinsic mode functions (IMFs), we extract a certain intrinsic mode function (IMF) as new feature signal for CPA attack. Meantime, a new attack assessment is proposed to compare the attack effectiveness of different methods. The experiment shows that our method has more excellent performance on CPA than others. The first and the second IMF can be chosen as two optimal feature signals in CPA. In the new method, the signals of the first IMF increase peak visibility by 64% than those of the tradition EMD method in the situation of non-noise. On the condition of different noise interference, the orders of attack efficiencies are also same. With external noise interference, the attack effect of the first IMF based on noise with 15dB is the best.

Xiaofei Dong,Fan Zhang,Samiya Queshi,Yiran Zhang,Ziyuan Liang,Bolin Yang,Feng Gao

DOI: https://doi.org/10.1109/asianhost.2018.8607162

2018-01-01

Abstract:Random delay insertion is a simple yet rather effective technique to increase the difficulty for traditional power analysis. However as compared to the random masking technique, it is uncommonly used as a countermeasure considering the frequency analysis. In this paper, it is investigated that the frequency analysis may not work as efficiently as expected when facing to advanced random delay countermeasures. Hence, a novel attack is proposed which is in the wavelet domain. After preprocessing the wavelet coefficients of power traces with wavelet decomposition, the effects of multiple random delays can be removed. Two attack strategies are proposed to recover the secret key: either indirectly from the reconstructed power traces without random delays or directly from the processed wavelet coefficients. Our experimental results show that the wavelet-based power analysis attack can perform much better than those frequency-based ones, which is evaluated through several standard metrics to show the efficiency and robustness.

Junrong Liu,Dawu Gu,Zheng Guo

DOI: https://doi.org/10.1109/cis.2010.75

2010-01-01

Abstract:In this paper we discuss correlation power analysis attack against stream cipher MICKEY v2. In such attacks, we use Hamming-Distance model to simulate the power consumption. Hamming-Distance model is a more accurate description to power consumption than other models such as Hamming-Weight, bit model etc. Generally, Hamming-Distance model is used to map the transitions that occur at the cells' outputs of a CMOS circuit to the values of power consumption. In our attacks, we propose the Hamming-Distance model based on internal nodes of XOR gates considering that the basic structure of MICKEY v2 is a two-input and a three-input XOR gate. We simulate the power which is coming from not only the output of gate but also the internal nodes. This model is more accurate than before ones because we simulate the power consumption of all transistors consumed. Then we designed the attack way to MICKEY v2 by this model. And finally we simulate the result of attacking. The result shows that it needs only few or ten power traces during initialization for us to reveal the secret key by using weakness of MICKEY v2 initialization when resynchronization.

Jia-wei Ma,Xu-guang Guan,Tong Zhou,Tao Sun

DOI: https://doi.org/10.1109/asicon.2017.8252479

2017-01-01

Abstract:With the application of Hash-based Message Authentication Code(HMAC) in the field of security, the research on its Side Channel Attack(SCA) has been paid more and more attention. In this paper, a new countermeasure against side channel attack for HMAC-SM3 is proposed, which uses the ring oscillator technology to construct the power disorder module. Through analyzing the power consumption of the improved HMAC-SM3 hardware circuit on FPGA, we proved the effectiveness of this countermeasure. Compared with the traditional masking protection technique, the power disorder module has the advantages of simpler design, less hardware cost, and no influence on the performance at all.

Owen Lo,William J. Buchanan,Douglas Carson

DOI: https://doi.org/10.1080/23742917.2016.1231523

2016-09-19

Journal of Cyber Security Technology

Abstract:This article demonstrates two fundamental techniques of power analysis, differential power analysis (DPA) and correlation power analysis (CPA), against a modern piece of hardware which is widely available to the public: the Arduino Uno microcontroller. The DPA attack we implement is referred to as the Difference of Means attack while the CPA attack is implemented by building a power model of the device using the Hamming Weight Power Model method. The cryptographic algorithm we have chosen to attack is AES-128. In particular, the AddRoundKey and SubBytes functions of this algorithm are implemented on an Arduino Uno and we demonstrate how the full 16-byte cipher key can be deduced using the two techniques by monitoring the power consumption of the device during cryptographic operations. The results of experimentation find that both forms of attack, DPA and CPA, are viable against the Arduino Uno. However, it was found that CPA produces results which are easier to interpret from an analytical perspective. Thus, our contributions in this article is providing a side-by-side comparison on how applicable these two power analysis attack techniques are along with providing a methodology to enable readers to replicate and learn how one may perform such attacks on their own hardware.

Yu Sasaki,Lei Wang,Shuang Wu,Wenling Wu

DOI: https://doi.org/10.1007/978-3-642-34961-4_34

2012-01-01

Abstract:In this paper, improved cryptanalyses for the ISO standard hash function Whirlpool are presented with respect to the fundamental security notions. While a subspace distinguisher was presented on full version (10 rounds) of the compression function, its impact to the security of the hash function seems limited. In this paper, we discuss the (second) preimage and collision attacks for the hash function and the compression function of Whirlpool. Regarding the preimage attack, 6 rounds of the hash function are attacked with 2(481) computations while the previous best attack is for 5 rounds with 2(481.5) computations. Regarding the collision attack, 8 rounds of the compression function are attacked with 2(120) computations, while the previous best attack is for 7 rounds with 2(184) computations. To verify the correctness, especially for the rebound attack on the Sbox with an unbalanced Differential Distribution Table (DDT), the attack is partially implemented, and the differences from attacking the Sbox with balanced DDT are reported.

李元,刘政林,邹雪城,韩煜,陈毅成

IF: 1.992

2008-01-01

Microelectronics Journal

Abstract:An Atmel AT89C55 microcontroller was used to construct a real attack platform of cipher circuits.Power analyses against opcode and operand were conducted on this low-cost platform.Measured results showed that there existed a linear relationship between hamming weight of changing operand and difference of measuring power.Unit hamming weight would cause approximately 5 mV of power deviation under experimental conditions.Using differential power analysis (DPA)and correlation power analysis (CPA), the encrypted operation of advanced encryption standard (AES)was attacked.Experimental results showed that the CPA method had a higher success rate, and the1 number of plaintext samples and average filtering could significantly affect SNR of correlation coefficients.

Limin Guo,Lihui Wang,Qing Li,Jun Yu,Peng Luo

DOI: https://doi.org/10.1109/cis.2015.92

2015-01-01

Abstract:Dynamic password technology is widely utilized for identity authentication, which depends on using hash functions, such as SM3. And SM3 hash algorithm is based on the mixing of different group operations, such as XOR and addition modulo 232. In this paper, we present two original first-order differential power analysis attacks on dynamic password token based on SM3 algorithm. The two proposed DPA attacks are against XOR and addition modulo 232 operation respectively. Experimental results show that dynamic password token based on SM3 algorithm is vulnerable to side channel attacks, no matter implemented in software or hardware. We also provide a masked implementation of the algorithm, which is designed to avoid those proposed attacks.

Fan Zhang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/itng.2007.152

2007-01-01

Abstract:Power analysis can exploit the instantaneous power consumptions of elliptic curve cryptography (ECC) devices and retrieve secret keys. Many countermeasures have been proposed to make ECC implementations secure. One of the approaches is the randomized algorithms proposed by Oswald et al., which combine two scalar point multiplication algorithms and use random variables to decide which algorithm to follow at different stages of the computation. In this paper, we describe a power analysis attack that can break randomized automata proposed by Oswald et al. effectively, even with a small number of power traces

Jie Li,Weiwei Shan,Chaoxuan Tian

DOI: https://doi.org/10.4028/www.scientific.net/amm.121-126.867

2011-01-01

Applied Mechanics and Materials

Abstract:In order to evaluate the security of Application Specific Integrated Circuit (ASIC) implemented cryptographic algorithms at an early design stage, a Hamming distance model based power analysis is proposed. The Data Encryption Standard (DES) algorithm is taken as an example to illustrate the threats of differential power analysis (DPA) attack against the security of ASIC chip. A DPA attack against the ASIC implementation of a DES algorithm is realized based on hamming distance power model (HD model), and it realized the attack by successfully guessing the right 48-bit subkey. This result indicates that the power analysis attack based on the HD model is simple, rapid and effective for the design and evaluation of security chips.

Aiguo Bu,Wentao Dai,Minyi Lu,Hao Cai,Weiwei Shan

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00288

2018-01-01

Abstract:In recent years, side channel attacks (SCA) have become the most powerful method of stealing keys from cryptographic devices. This paper establishes a complete process of electromagnetic analysis attack based on correlation between energy traces and intermediate data in AES encryption algorithm. A novel method of preprocessing energy traces, which combines wavelet reconstruction with low-pass filtering, is proposed to enhance the capability to obtain correct key information of AES. Correlation-based power analysis attack (CPA) and electromagnetic analysis attack (CEMA) are implemented on the unprotected AES encryption circuit in the SAKURA-G FPGA board. The results clearly show that only 972 and 1069 energy traces are required to find all 16-byte keys. With only collecting 200 traces, CEMA presents more efficient attack capability than CPA. Thus, our proposed method is appropriate for obtaining key information of cryptographic devices.