谢满德,沈海斌,竺红卫

DOI: https://doi.org/10.3969/j.issn.1004-3365.2004.06.003

2004-01-01

Abstract:The fundamental principle of differential power analysis (DPA) attacks against universal cryptosystems and a particular theory of DPA attacks against data encryption standard (DES) algorithm are described in detail. An improved algorithm is proposed for DPA. Based on the analysis of noise characteristics of the power signals, an approach to modeling the signal-to-noise ratio (SNR) is proposed and corresponding theory is demonstrated. Finally, experimental results of the algorithm are presented.

Siyang Yu,Kenli Li,Yunchuan Qin,Shaohua Tang

DOI: https://doi.org/10.1109/HPCC.and.EUC.2013.231

2013-01-01

Abstract:In this paper, we apply a protective strategy to the AES encryption algorithm. In order to reduce power consumption and correlation in the process of arithmetic operations, we change the trigger number and location in the hardware implementation by modifying the structure of the algorithm. Through the simulation platform, our Advanced Encryption Standard algorithm can effectively resist the Differential Power Analysis and Correlation power analysis. Compared with the mask and dynamic differential logic, the policy doesn't increase the complexity of the algorithm and the area.

Liu Leibo,Zhu Min,Wu Youyu,Luo Kai,Yin Shouyi,Wei Shaojun

2016-01-01

Abstract:The invention discloses an AES (Advanced Encryption Standard) encryption method and a power attack resisting method based on the same; the AES encryption method comprises the following steps: grouping clear data; carrying out XOR operation on an input and an expanded secret key of a round function; carrying out data replacement with an S box having an 8-bit input and a 32-bit output; shifting 32-bit data output by the S box; carrying out the XOR operation correspondingly on the 32-bit data output by row shifting operation; carrying out the XOR operation on the expanded secret key; carrying out the data replacement with the S box having the 8-bit input and the 8-bit output; carrying out the XOR operation with the expanded secret key; and outputting encrypted data. The invention has the following advantages: the operations needed by each of the steps in the encryption method only have table look-up, shifting and XOR, so the logic implementation is relatively simple and efficient; and the power attack resisting method has mixcolumn, so the power attack resisting effect is good.

Fan Zhang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/ITNG.2008.183

2008-01-01

Abstract:Elliptic curve cryptography (ECC) has been adopted in many systems because it requires shorter keys than traditional public-key algorithms in primary fields. However, power analysis attacks can exploit the power consumption of ECC devices to retrieve secret keys. In this paper, we propose an efficient window-based countermeasure that is secure against existing power analysis attacks. Compared to previous counter- measures, our method has low memory overhead, requiring only a table of w+1 entries when the window size is w bits. It also has better performance than many algorithms that perform one point addition or subtraction for every bit in the scalar.

Tingyuan Nie,Lijian Zhou,Zhe-Ming Lu

DOI: https://doi.org/10.1049/iet-sen.2012.0137

2013-01-01

IET Software

Abstract:With the increasingly extensive application of networking technology, security of network becomes significant than ever before. Encryption algorithm plays a key role in construction of a secure network system. However, the encryption algorithm implemented on resource-constrained device is difficult to achieve ideal performance. The issue of power consumption becomes essential to performance of data encryption algorithm. Many methods are proposed to evaluate the power consumption of encryption algorithms yet the authors do not ensure which one is effective. In this study, they give a comprehensive review for the methods of power evaluation. They then design a series of experiments to evaluate the effectiveness of three main types of methods by implementing several traditional symmetric encryption algorithms on a workstation. The experimental results show that external measurement and software profiling are more accurate than that of uninterruptible power system battery. The improvement of power consumption is 27.44 and 33.53% which implies the method of external measurement and software profiling is more effective in power consumption evaluation.

Fan Zhang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/itng.2007.152

2007-01-01

Abstract:Power analysis can exploit the instantaneous power consumptions of elliptic curve cryptography (ECC) devices and retrieve secret keys. Many countermeasures have been proposed to make ECC implementations secure. One of the approaches is the randomized algorithms proposed by Oswald et al., which combine two scalar point multiplication algorithms and use random variables to decide which algorithm to follow at different stages of the computation. In this paper, we describe a power analysis attack that can break randomized automata proposed by Oswald et al. effectively, even with a small number of power traces

LIU Peng,WEI Lian-feng

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.10.006

2008-01-01

Abstract:To be more secure,crypto-chips should be protected against simple power analysis attack and differential power analysis attack.Three technologies of differential power analysis are described and the performance of them is compared.To counter power analysis software and hardware level solutions are developed,but none of them achieved a total prevention of such attacks.The combi-nation of software and hardware is higher-efficiency in countermeasures to power analysis.Finally research directions are discussed.

Guo Zheng,Gu Dawu,Lu Haining,Liu Junrong,Xu Sen,Bao Sigang,Gu Haihua

DOI: https://doi.org/10.1109/cc.2015.7084387

2015-01-01

China Communications

Abstract:Power analysis is a non-invasive attack against cryptographic hardware, which effectively exploits runtime power consumption characteristics of circuits. This paper proposes a new power model which combines Hamming Distance model and the model based on the template value of power consumption in combinational logic circuit. The new model can describe the power consumption characteristics of sequential logic circuits and those of combinational logic as well. The new model can be used to improve the existing power analysis methods and detect the information leakage of power consumption. Experimental results show that, compared to CPA(Correlation Power Analysis) method, our proposed attack which adopt the combinational model is more efficient in terms of the number of required power traces.

Hongying Liu,Ying Zhou,Yibo Fan,Yukiyasu Tsunoo,Satoshi Goto

DOI: https://doi.org/10.1016/j.proeng.2011.08.395

2011-01-01

Abstract:Advanced Encryption Standard (AES) is widely used symmetric cryptographic algorithm due to its ease in implementation on hardware and software. A number of works have been carried out on the reduction of power consumption of AES cores. Furthermore, the security of its implementation against side channel attacks also draws extensive attention. Various countermeasures that protect it from attack have been proposed. However not all of them is sufficient for high throughput applications. In this paper, we design and implement a differential power analysis (DPA) resistant AES core on Side-channel Attack Standard Evaluation Board. It is not only compact but also secure. The throughput is 2.56Gbps at 200MHz. By adding a set of registers and a random generator, the data-dependent encryption is hidden from observation. The experiments of DPA attack substantiate its effectiveness.

Lifu Cheng,Youyou Zhao,Jinjiang Yang,Leibo Liu

DOI: https://doi.org/10.1088/1742-6596/1856/1/012054

2021-01-01

Journal of Physics Conference Series

Abstract:Abstract The implantation security of cryptographic algorithm is very important. This paper proposes a method to resist power consumption attack for lightweight cryptographic algorithms. Using bit permutation operation as a countermeasure, we ensure that the position of each data of the original intermediate value data has changed after the bit is permutated, which greatly increases the difficulty of the attack. SKINNY is taken as an example for evaluate the effect of the proposed countermeasure. The experiment results show that the key will not reveal over 100,000 energy traces by using the countermeasure.

Xiaofei Dong,Fan Zhang,Samiya Queshi,Yiran Zhang,Ziyuan Liang,Bolin Yang,Feng Gao

DOI: https://doi.org/10.1109/asianhost.2018.8607162

2018-01-01

Abstract:Random delay insertion is a simple yet rather effective technique to increase the difficulty for traditional power analysis. However as compared to the random masking technique, it is uncommonly used as a countermeasure considering the frequency analysis. In this paper, it is investigated that the frequency analysis may not work as efficiently as expected when facing to advanced random delay countermeasures. Hence, a novel attack is proposed which is in the wavelet domain. After preprocessing the wavelet coefficients of power traces with wavelet decomposition, the effects of multiple random delays can be removed. Two attack strategies are proposed to recover the secret key: either indirectly from the reconstructed power traces without random delays or directly from the processed wavelet coefficients. Our experimental results show that the wavelet-based power analysis attack can perform much better than those frequency-based ones, which is evaluated through several standard metrics to show the efficiency and robustness.

Yu Bo,Li Xiangyu,Chen Cong,Sun Yihe,Wu Liji,Zhang Xiangmin

DOI: https://doi.org/10.1088/1674-4926/33/6/065009

2012-01-01

Abstract:This paper presents an AES (advanced encryption standard) chip that combats differential power analysis (DPA) side-channel attack through hardware-based random order execution. Both decryption and encryption procedures of an AES are implemented on the chip. A fine-grained dataflow architecture is proposed, which dynamically exploits intrinsic byte-level independence in the algorithm. A novel circuit called an HMF (Hold-Match-Fetch) unit is proposed for random control, which randomly sets execution orders for concurrent operations. The AES chip was manufactured in SMIC 0.18 μm technology. The average energy for encrypting one group of plain texts (128 bits secrete keys) is 19 nJ. The core area is 0.43 mm2. A sophisticated experimental setup was built to test the DPA resistance. Measurement-based experimental results show that one byte of a secret key cannot be disclosed from our chip under random mode after 64000 power traces were used in the DPA attack. Compared with the corresponding fixed order execution, the hardware based random order execution is improved by at least 21 times the DPA resistance.

Septafiansyah Dwi Putra,Arwin Datumaya Wahyudi Sumari,Adang Suwandi Ahmad,Sarwono Sutikno,Yusuf Kurniawan

DOI: https://doi.org/10.1007/978-3-030-35642-2_4

2020-01-01

Abstract:Digital communication systems as the part of big data are utilized to transmit data and information. The increase of the digital communication system utilization will increase the value of information and on the other hand also induces an increase in the number of attacks on such systems. Side Channel Attack (SCA) is an attack model that could disrupt the information security when hardware implements a cryptographic algorithm. Differential Power Analysis (DPA), a kind of SCA, can reveal 75% of secret key used in encryption hardware. Other techniques called Correlation Power Analysis (CPA) which uses correlation factor between trace and hamming weight from the input of key generation can reveal the right secret key of Advanced Encryption Standard (AES) in significantly shorter span of time. The objective of this research is to design and implement an electronic countermeasure to deal with power analysis attack. The attacking aspect is reviewed as a form of identification of the correct countermeasure method against power analysis attack using Cognitive Artificial Intelligence (CAI)‘s method called cognitive countermeasure approach in an AES encryption device. Our main contribution is in the design of cognitive-countermeasure by altering the measured power consumption in affecting the secret key value of power analysis. The measured signal is altered by generating random masking value using CAI’s information fusion. CAI is a new perspective in Artificial Intelligence which is characterized by its capability to grow new knowledge based on the information from the sensory system. The random alteration of measured signal and continuous evolution of the masking value by using CAI’s information fusion is very significant in tackling the risk of power analysis. We also succeeded in implementing an AES encryption device based on CAI method on the Field-Programmable Gate Array (FPGA) platform.

Jiangsha Ma,Xiangyu Li,Moyang Wang

DOI: https://doi.org/10.1049/el.2014.1559

2014-01-01

Electronics Letters

Abstract:A power analysis attack countermeasure, called power-awareness-based hiding, is proposed. It is effective in implementing nonlinear operations, S-boxes, in cryptographic algorithms. An advanced encryption standard (AES) S-box circuit has been implemented in this approach using the Domino logic array style. The post-layout simulation results show that the power-aware hiding AES S-box achieves a delay of 1.56 ns and a mean power consumption of 3.57 mW. The proposed method improves the power delay product by 65%, the normalised energy deviation by 43% and the normalised standard deviation by 30% compared to other secure methods.

Cong Chen,Xiangyu Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/ICSICT.2010.5667831

2010-01-01

Abstract:In this paper, an automatic general-purpose Differential Power Analysis (DPA) System for cryptographic devices is designed and implemented. This system aims at testing the security of cryptographic devices, e.g., Smart Card, FPGA and ASIC circuit against DPA attacks. To verify the effectiveness of the system, a DPA attack was successfully carried out by it on an AES cryptographic ASIC chip which had countermeasures implemented in it. The experimental results showed that the correct cipher key of this AES chip could be obtained during less than 3 hours of data processing time with at least 5000 power traces.

Jie Cui,Liusheng Huang,Hong Zhong,Chinchen Chang,Wei Yang

2011-01-01

Abstract:S-box is a unique nonlinear operation in Rijndael, one encryption algorithm chosen as AES, and it, determines the performance of AES. In this paper, the weaknesses in complexity and security of AES S-box are analyzed. We propose to increase the complexity and security of AES S-box by modifying the affine transformation and adding an affine transformation. Performance analysis demonstrates that the improved AES S-box has following cryptographic properties: the affine transformation period is increased from 4 to the most 16, the iterative period is increased from less than 88 to the most 256, and the distance to SAC is reduced from, 432 to 372. Moreover, the number of terms in the improved AES S-box algebraic expression is increased from 9 to 255, and its inverse S-box keeps almost the same as AES inverse S-box. Comparison results suggest that the improved AES S-box has better performance and can readily be applied to AES.

Liu Lifei,Cui Xiaole,Ran Yalin,Cui Xiaoxin

DOI: https://doi.org/10.1109/ASICON.2015.7517206

2015-01-01

Abstract:Elliptic Curve Cryptosystem (ECC) is one of the most advantageous cryptosystems because of the shortened number of key bits when compared with RSA at the same security level. However, just as the other cryptosystems, ECC hardware is vulnerable to the side-channel analysis attacks which have been proposed. Power Analysis Attack (PA), as one of the most popular side-channel analysis attacks, is implemented easily, so more and more works concentrate on it. This work proposes a countermeasure to resist against Power Analysis. Then we design a unified hardware architecture which is multi-purpose and implementation to verify the effectiveness of the proposed method. The experiment results of FPGA verification platform show that the protected hardware can defend DPA with up to 105 measured power traces.

Hasindu Gamaarachchi,Harsha Ganegoda

DOI: https://doi.org/10.48550/arXiv.1801.00932

2018-01-03

Abstract:Power analysis is a branch of side channel attacks where power consumption data is used as the side channel to attack the system. First using a device like an oscilloscope power traces are collected when the cryptographic device is doing the cryptographic operation. Then those traces are statistically analysed using methods such as Correlation Power Analysis (CPA) to derive the secret key of the system. Being possible to break Advanced Encryption Standard (AES) in few minutes, power analysis attacks have become a serious security issue for cryptographic devices such as smart card. As the first phase of our project, we build a testbed for doing research on power analysis attacks. As power analysis is a practical type of attack in order to do any research, a testbed is the first requirement. Since building a test bed is a complicated process, having a pre-built testbed would save the time of future researchers. The second phase of our project is to attack the latest cryptographic algorithm called Speck which has been released by National Security Agency (NSA) for use in embedded systems. In spite it has lot of differences to AES making impossible to directly use the power analysis approach used for AES, we introduce novel approaches to break Speck in less than an hour. In the third phase of the project, we select few already introduced countermeasures and practically attack them on our testbed to do a comparative analysis. We show that software countermeasures such as random instruction injection and randomly shuffling S-boxes are good enough for their simplicity and cost. But we identify the possible threat due to the problem of generating a good seed for the pseudo-random algorithm running on the microcontroller. We attempt to address this issue by using a hardware-based true random generator that amplifies a random electrical signal and samples to generate a proper seed.

Cryptography and Security

Lihui Wang,Qing Li,Zhimin Zhang,Weijun Shan,David Wei Zhang

DOI: https://doi.org/10.2991/iset-15.2015.29

2015-01-01

Abstract:Elliptic Curve Cryptography (ECC) is becoming widely deployed in embedded cryptographic devices. However, simple power analysis (SPA) attacks may retrieve secret keys by exploiting the power consumption of ECC devices. To resist the SPA attack there appear a number of countermeasures and the most widely used methods are Montgomery ladder and double-and-add-always algorithm. This paper proposes a refined simple power analysis attack to these countermeasures. Experimental results on smart cards demonstrate that this attack method can retrieve secret keys by distinguishing the power consumption of different jump instructions if the implementation of ECC's countermeasure is not carefully designed. The experiments also demonstrate that the proposed countermeasure in this paper can resist this kind of SPA attack

Wei Sun,Jun-Rong Liu,Da-Wu Gu,Zheng Guo,Jun Xie,Bo Ma

2015-01-01

Abstract:Nowadays, cryptographic circuits have been widely used in many fields such as finance, transportation and government business. Such devices have software and hardware implementations, as they both have certain weakness and constraints. In this paper, we research on both software and hardware cryptographic circuits based on the side channel technology. By using different power leakage models, we can point out the weakness operations of a cryptographic circuit that leaks secret information. Furthermore, we research on the differences between software and hardware implementations of SM3-HMAC, and propose power analysis methods respectively.