谢满德,沈海斌,竺红卫

DOI: https://doi.org/10.3969/j.issn.1004-3365.2004.06.003

2004-01-01

Abstract:The fundamental principle of differential power analysis (DPA) attacks against universal cryptosystems and a particular theory of DPA attacks against data encryption standard (DES) algorithm are described in detail. An improved algorithm is proposed for DPA. Based on the analysis of noise characteristics of the power signals, an approach to modeling the signal-to-noise ratio (SNR) is proposed and corresponding theory is demonstrated. Finally, experimental results of the algorithm are presented.

Xiaowei Han,Beibei Wang,An Wang,Liji Wu,Woogeun Rhee

DOI: https://doi.org/10.1109/CIS.2014.116

2014-01-01

Abstract:SM2 is a public-key cryptography algorithm which is based on elliptic curves. Since the side channel leakage of devices can be used to deduce the information of secret keys, algorithms to implement SM2 need to be improved. In this paper, we propose an initialized masking scalar multiplication algorithm (IMSM), a modified atomic point doubling and point addition algorithm (MADA), and a transformed formula countermeasure (TFCS). Analysis shows they can resist Simple Power Analysis (SPA), Differential Power Analysis and Template Attacks. IMSM and MADA have been verified to resist SPA on FPGA board successfully. Compared to Binary Expansion with RIP algorithm, 28.6% calculations can be saved when the scalar is divided into four parts, which is rather fast.

Munkhbaatar Chinbat,Liji Wu,Xiangmin Zhang,Altantsooj Batsukh,Yifan Yang,Le Wu

DOI: https://doi.org/10.1109/asid60355.2023.10426450

2023-01-01

Abstract:CRYSTALS-Kyber is a new algorithm that the NIST recently selected to standardize public-key encryption and key establishment. Therefore, studies are needed to evaluate the side-channel attack resistance of CRYSTALS-Kyber implementations. This paper presents a simple power analysis of a CRYSTALS-Kyber hardware implementation with the security parameter k=3. Since hardware implementations perform computations in parallel, the power consumption of each operation is difficult to quantify. The entire power consumption trace was identified using 6,072,500 samples during the CCAKEM implementation of Kyber. A significant part of the message encoding power consumption occurred during decapsulation. These findings show that existing hardware implementations of CRYSTALS-Kyber require effective countermeasures to efficiently resist side-channel attacks.

Fan Zhang,Bolin Yang,Xiaofei Dong,Sylvain Guilley,Zhe Liu,Wei He,Fangguo Zhang,Kui Ren

DOI: https://doi.org/10.1109/tc.2020.3020407

IF: 3.183

2020-11-01

IEEE Transactions on Computers

Abstract:The implementations of post-quantum cryptographic algorithms have been newly explored, whereas, the protection against side-channel attacks shall be considered upfront, since it can have a non-negligible impact on security and performance. In this article, the security of supersingular isogeny key encapsulation (SIKE), a second-round candidate of NIST's on-going post-quantum standardization process, is thoroughly evaluated under side-channel analysis. First, the vulnerabilities of reference and optimized implementations of SIKE are thoroughly analyzed in terms of both horizontal and vertical side-channel leakage. After the optimized SIKE, which is based on Three-point Montgomery Differential Ladder algorithm, is proved to be constant-time and there is no horizontal leakage, a vertical vulnerability is analyzed based on the source code at the algorithmic level, and a theoretical differential power analysis (DPA) attack is proposed. In order to exploit this vulnerability, the differential electromagnetic attack (DEMA) is put into practice to extract the private key of SIKE based on a 32-bit ARM platform. To the best of our knowledge, this is the first practical side-channel attack at SIKE implemented on real ARM-based devices. Our experiments show that the DEMA needs only hundreds of electromagnetic traces to carry out the attack. More importantly, an efficient window-based countermeasure is proposed to eliminate the vertical leakage and prevent side-channel attacks with only a little overhead. The security of our countermeasure is carefully evaluated against most of well-known power analysis attacks. Through careful evaluation and comparison with other countermeasures, this method can lead to higher security at a very small cost in terms of time and memory.

engineering, electrical & electronic,computer science, hardware & architecture

Limin Guo,Lihui Wang,Qing Li,Zhimin Zhang,Dan Liu,Weijun Shan

DOI: https://doi.org/10.2991/iset-15.2015.25

2015-01-01

Abstract:HMAC algorithm is one of the most famous keyed hash functions, and widely utilized. And SM3 is the only standard hash algorithm of China. However, most cryptographic algorithms implementations are vulnerable against side channel attacks. But specific side channel attacks on HMAC-SM3 have not been given so far. This paper presents a first-order DPA attack on HMAC-SM3. HMAC-SM3 hash algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the proposed DPA attack is mainly against these basic group operations. Experimental results are given by attacking an implementation of HMAC-SM3 in a smart card, which demonstrate the practicability of such attacks described in this paper.

Fan Zhang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/ITNG.2011.70

2011-01-01

Abstract:In cryptography, a keyed-Hash Message Authentication Code (HMAC) is a type of message authentication code(MAC) calculated with a cryptographic hash function and a secret key. The security of the HMAC relies on the underlying hash function and the secret key. Whirlpool is a block cipher based hash algorithm that has been in public for about ten years. So far no effective attacks have been found on Whirlpool. As a result, HMAC with Whirlpool, i.e., HMAC-Whirlpool, is supposed to be secure. In this paper, we demonstrate that HMAC-Whirlpool is vulnerable to power analysis attacks. We designed two types of attacks: one is based on Differential Power Analysis (DPA) and the other on Correlation Power Analysis (CPA). We successfully launched the attacks at HMAC-Whirlpool running on an Atmel AVR processor. We also compared the attacks in terms of the number of power traces needed.

Jonathan López-Valdivieso,René Cumplido

DOI: https://doi.org/10.1145/3653459

IF: 2.837

2024-03-28

ACM Transactions on Reconfigurable Technology and Systems

Abstract:Advances in quantum computing have posed a future threat to today's cryptography. With the advent of these quantum computers, security could be compromised. Therefore, the National Institute of Standards and Technology (NIST) has issued a request for proposals to standardize algorithms for post-quantum cryptography (PQC), which is considered difficult to solve for both classical and quantum computers. Among the proposed technologies, the most popular choices are lattice-based (shortest vector problem) and hash-based approaches. Other important categories are public key cryptography (PKE) and digital signatures. Within the realm of digital signatures lies SPHINCS+. However, there are few implementations of this scheme in hardware architectures. In this article, we present a hardware-software architecture for the SPHINCS+ scheme. We utilized a free RISC-V (Reduced Instruction Set Computer) processor synthesized on a Field Programmable Gate Array (FPGA), primarily integrating two accelerator modules for Keccak-1600 and the Haraka hash function. Additionally, modifications were made to the processor to accommodate the execution of these added modules. Our implementation yielded a 15-fold increase in performance with the SHAKE-256 function and nearly 90-fold improvement when using Haraka, compared to the reference software. Moreover, it is more compact compared to related works. This implementation was realized on a Xilinx FPGA Arty S7: Spartan-7.

computer science, hardware & architecture

Hasindu Gamaarachchi,Harsha Ganegoda

DOI: https://doi.org/10.48550/arXiv.1801.00932

2018-01-03

Abstract:Power analysis is a branch of side channel attacks where power consumption data is used as the side channel to attack the system. First using a device like an oscilloscope power traces are collected when the cryptographic device is doing the cryptographic operation. Then those traces are statistically analysed using methods such as Correlation Power Analysis (CPA) to derive the secret key of the system. Being possible to break Advanced Encryption Standard (AES) in few minutes, power analysis attacks have become a serious security issue for cryptographic devices such as smart card. As the first phase of our project, we build a testbed for doing research on power analysis attacks. As power analysis is a practical type of attack in order to do any research, a testbed is the first requirement. Since building a test bed is a complicated process, having a pre-built testbed would save the time of future researchers. The second phase of our project is to attack the latest cryptographic algorithm called Speck which has been released by National Security Agency (NSA) for use in embedded systems. In spite it has lot of differences to AES making impossible to directly use the power analysis approach used for AES, we introduce novel approaches to break Speck in less than an hour. In the third phase of the project, we select few already introduced countermeasures and practically attack them on our testbed to do a comparative analysis. We show that software countermeasures such as random instruction injection and randomly shuffling S-boxes are good enough for their simplicity and cost. But we identify the possible threat due to the problem of generating a good seed for the pseudo-random algorithm running on the microcontroller. We attempt to address this issue by using a hardware-based true random generator that amplifies a random electrical signal and samples to generate a proper seed.

Cryptography and Security

Souhir Gabsi,Yassin Kortli,Vincent Beroulle,Yann Kieffer,Belgacem Hamdi

DOI: https://doi.org/10.1007/s11042-024-18368-9

IF: 2.577

2024-02-18

Multimedia Tools and Applications

Abstract:Elliptical curves are dedicated for several security applications including Radio Frequency Identification (RFID) devices, smart cards, bankcards, etc. To guarantee effective security of such applications, these cryptographic systems require effective resistance to various types of physical attack. Differential Power-Analysis (DPA) attacks were considered the most efficient attacks against scalar multiplication calculation algorithms. In this paper, we propose a countermeasure method against the DPA attacks, for a scalar multiplication algorithm that is basically secure against Simple Power Analysis (SPA) and safe-error attacks. Our proposal is intended for Elliptic Curves Cryptosystems (ECC) algorithms dedicated to low cost applications. We first introduce the different types of side-channel attacks that ECC-based cryptographic algorithms can suffer, as well as their countermeasure methods existing in the literature. We then present an optimized hardware implementation of the most effective scalar multiplication algorithm against SPA and safe-error attacks. Finally, we present our proposed DPA countermeasure method and its effectiveness against other extensions of DPA attacks. Our proposed method is similar to the Basic Random Initial Point (BRIP) method except that the latter is only applicable for the left-to-right algorithm. The proposed method is based on the randomization of processed data during the computation of the scalar multiplication algorithm and prevents vulnerability to Zero-value Point Attack (ZPA), Refined Power analysis (RPA) attack and double attack. In the last part of our paper, we present comparative analysis in terms of computational cost between our proposed method and other countermeasure algorithms presented in the literature, such as Montgomery-ladder, the BRIP algorithm, the left-to-right algorithm and the Co-Z Mont-Ladder algorithm.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Limin Guo,Lihui Wang,Qing Li,Jun Yu,Peng Luo

DOI: https://doi.org/10.1109/cis.2015.92

2015-01-01

Abstract:Dynamic password technology is widely utilized for identity authentication, which depends on using hash functions, such as SM3. And SM3 hash algorithm is based on the mixing of different group operations, such as XOR and addition modulo 232. In this paper, we present two original first-order differential power analysis attacks on dynamic password token based on SM3 algorithm. The two proposed DPA attacks are against XOR and addition modulo 232 operation respectively. Experimental results show that dynamic password token based on SM3 algorithm is vulnerable to side channel attacks, no matter implemented in software or hardware. We also provide a masked implementation of the algorithm, which is designed to avoid those proposed attacks.

R. Niederhagen,P. Schwabe,D. Bernstein,Andreas Hülsing,Joost Rijneveld,Stefan Kölbl

DOI: https://doi.org/10.1145/3319535.3363229

2019-11-06

Abstract:We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. Our second main contribution is the introduction of tweakable hash functions and a demonstration how they allow for a unified security analysis of hash-based signature schemes. We give a security reduction for SPHINCS+ using this abstraction and derive secure parameters in accordance with the resulting bound. Finally, we present speed results for our optimized implementation of SPHINCS+ and compare to SPHINCS-256, Gravity-SPHINCS, and Picnic.

Computer Science

Cong Chen,Thomas Eisenbarth,Ingo von Maurich,Rainer Steinwandt

DOI: https://doi.org/10.1007/978-3-319-28166-7_26

2015-01-01

Abstract:This work presents the first differential power analysis of an implementation of the McEliece cryptosystem. Target of this side-channel attack is a state-of-the-art FPGA implementation of the efficient QC-MDPC McEliece decryption operation as presented at DATE 2014. The presented cryptanalysis succeeds to recover the complete secret key after a few observed decryptions. It consists of a combination of a differential leakage analysis during the syndrome computation followed by an algebraic step that exploits the relation between the public and private key.

Aymeric Genêt

DOI: https://doi.org/10.46586/tches.v2023.i2.80-114

2023-03-06

IACR Transactions on Cryptographic Hardware and Embedded Systems

Abstract:SPHINCS+ is a hash-based digital signature scheme that was selected by NIST in their post-quantum cryptography standardization process. The establishment of a universal forgery on the seminal scheme SPHINCS was shown to be feasible in practice by injecting a fault when the signing device constructs any non-top subtree. Ever since the attack has been made public, little effort was spent to protect the SPHINCS family against attacks by faults. This paper works in this direction in the context of SPHINCS+ and analyzes the current algorithms that aim to prevent fault-based forgeries.First, the paper adapts the original attack to SPHINCS+ reinforced with randomized signing and extends the applicability of the attack to any combination of faulty and valid signatures. Considering the adaptation, the paper then presents a thorough analysis of the attack. In particular, the analysis shows that, with high probability, the security guarantees of SPHINCS+ significantly drop when a single random bit flip occurs anywhere in the signing procedure and that the resulting faulty signature cannot be detected with the verification procedure. The paper shows both in theory and experimentally that the countermeasures based on caching the intermediate W-OTS+s offer a marginally greater protection against unintentional faults, and that such countermeasures are circumvented with a tolerable number of queries in an active attack. Based on these results, the paper recommends real-world deployments of SPHINCS+ to implement redundancy checks.

Basel Halak,Thomas Gibson,Millicent Henley,Cristin-Bianca Botea,Benjamin Heath,Sayedur Khan

DOI: https://doi.org/10.1109/access.2024.3350775

IF: 3.9

2024-01-01

IEEE Access

Abstract:The accelerated development of quantum computers poses a direct threat to all current standards of public key encryption, for example, the Shor algorithm exploits the superposition state of the qubits to solve the problem of integer factorization in polynomial time, rendering all systems whose security relies on this hard mathematical problem not secure. Public key encryption algorithms are used in a multitude of applications that form the core of the digital world (e.g., emails, banking, digital currency, defense, and communication.). The prospects of a quantum machine that can break such systems are too risky to ignore, even if such a computer still needs thirty years to build. This is because adversaries can be storing data now to decrypt later aka. SNLD attack, moreover, some systems have an operational lifetime that spans more than thirty years (e.g., defense, aviation industry). Consequently, the work has already started to develop quantum-attack resilient security schemes. The number of Internet of Things (IoT) devices is expected to be around 29 billion in 2030, forming a significant portion of all computing machines. Most of these will be implemented as embedded systems with limited resources. Consequently, assessing the energy and computational overheads of the quantum-attack resilient security schemes is vital. This work presents a comprehensive study that evaluates the energy and performance costs of the proposed solutions in resource-constrained devices, in comparison with the existing schemes. This was achieved through the development of a testbed that emulates a client-server configuration, wherein both devices perform mutual authentication and then agree on a shared key using the TLS protocol. A Raspberry Pi 3b+ was used as a server, and a client in the first set of experiments. Raspberry Pi Pico W was the client in the second group of tests. The results of the evaluation have shown that Kyber1-Dilithuim-2 is the most resource-efficient solution, it outperforms all other PQC algorithms, including the current scheme that uses elliptic curve cryptography. Our study has also shown the digital signature scheme Sphinx+ is associated with significant latency and energy costs so may not be suitable for IoT-type devices.

computer science, information systems,telecommunications,engineering, electrical & electronic

Guoqiang Bai,Hailiang Fu,Wei Li,Xingjun Wu

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00210

2018-01-01

Abstract:This paper presents a practicable method of differential power attack on SM4 block cipher. We build the power acquisition platform based on SASEBO-G board. Through the platform, the encryption of SM4 algorithm is implemented in hardware and the power curves are obtained by the Agilent oscilloscope at the same time. The hamming weight of 8-bit output of S-box is selected as the power model to realize the DPA attack on MATLAB. Only 2000 power traces are needed to crack the sub-key byte in the first round of standard SM4 algorithm. The cost of DPA attack has been reduced more than 60% compared with the references which need at least 5000 power traces.

Shuzhou Sun,Rui Zhang,Hui Ma

DOI: https://doi.org/10.1109/tpds.2020.2995562

IF: 5.3

2020-11-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:SPHINCS was recently proposed as a stateless, quantum-resilient hash-based signature scheme. However, one possible limitation of SPHINCS is its signing speed, namely, the best known implementation merely produces a few hundred of signatures per second, which is not good enough, e.g., for a social website with a huge amount of users. Aiming at improving the singing throughput, we present highly parallel and optimized implementations of SPHINCS, which can be deployed on various multi-core platforms. As a first step, we give an elementary implementation on x86/64 processors, which proves the effectiveness and correctness of our implementations. To obtain a significantly higher throughput, we implement SPHINCS on Graphics Processing Units (GPUs). Furthermore, we develop a few general and hardware-specific techniques to take full advantage of the computing power of targeted platforms. We instantiate the underlying hash functions with three primitives. Our comprehensive benchmark shows that our work outperforms all the state-of-the-art implementations of SPHINCS regarding throughput with reasonable latency, and has scalability on multiple cores and multiple GPU cards. For instance, for the key generation algorithm instantiated with ChaCha running on a GeForce GTX 1080, we obtain 5152 signatures per second which is $7.88times$<math>7.88×</math> speedup faster than a recent FPGA implementation. When upgrade to TITAN Xp, 6,651 signatures are generated in one second. With four TITAN Xp GPUs, the obtained throughput satisfies vast majority scenarios.

computer science, theory & methods,engineering, electrical & electronic

Limin Guo,Lihui Wang,Dan Liu,Weijun Shan,Zhimin Zhang,Qing Li,Jun Yu

DOI: https://doi.org/10.1109/cis.2015.91

2015-01-01

Abstract:The HMAC algorithm involves a hash function with a secret key. And SM3 is the only standard hash algorithm of China. HMAC-SM3 algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the classical side-channel attacks on it are mainly against these basic group operations and need to exploit multiple leakage models. Therefore, the attack procedures are complicated. What's more, it is difficult to recover the whole inner keyed state if the noise level of the target implementation are relatively high. In this paper, we present a chosen-plaintext differential power analysis attack on HMAC-SM3. The new proposed chosen-plaintext attack method is simply against modulo addition operation and can be easily carried out by collecting power consumption traces four times while certain chosen messages are processed by the target device separately. Experimental results are given using an implementation of HMAC-SM3 algorithm in a smart card.

Limin Guo,Qing Li,Lihui Wang,Zhimin Zhang,Dan Liu,Weijun Shan

DOI: https://doi.org/10.2991/iset-15.2015.28

2015-01-01

Abstract:Dynamic password technology is one of the most widely utilized methods for identity authentication. The security of dynamic password system depends on the cryptographic strength of the underlying hash function. And SM3 is the only standard hash algorithm of China. However, most cryptographic algorithm implementations are vulnerable against side channel attacks. But specific side channel attacks on dynamic password token based on SM3 hash function have not been given so far. This paper presents a differential power analysis attack on dynamic password token based on SM3 algorithm. SM3 hash algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the proposed DPA attack is mainly against these basic group operations. Experimental results are given by attacking an implementation of generating dynamic password using SM3 algorithm in a smart card, which demonstrate the feasibility of such attacks described in this paper.

Huaxin Wang,Yiwen Gao,Yuejun Liu,Qian Zhang,Yongbin Zhou

DOI: https://doi.org/10.1186/s42400-024-00209-9

2024-06-05

Abstract:During the standardisation process of post-quantum cryptography, NIST encourages research on side-channel analysis for candidate schemes. As the recommended lattice signature scheme, CRYSTALS-Dilithium, when implemented on hardware, has seen limited research on side-channel analysis, and current attacks are incomplete or requires a substantial quantity of traces. Therefore, we conducted a more complete analysis to investigate the leakage of an FPGA implementation of CRYSTALS-Dilithium using the Correlation Power Analysis (CPA) method, where with a minimum of 70,000 traces partial private key coefficients can be recovered. Furthermore, we optimise the attack by extracting Point-of-Interests using known information due to parallelism (named CPA-PoI) and by iteratively utilising parallel leakages (named CPA-ITR). Our experimental results show that CPA-PoI reduces the number of traces by up to 16.67%, CPA-ITR by up to 25%, and both increase the number of recovered key coefficients by up to 55.17% and 93.10% using the same number of traces. They outperfom the CPA method. As a result, it suggests that the FPGA implementation of CRYSTALS-Dilithium is more vulnerable than thought before to side-channel analysis.

Cong Chen,Xiangyu Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/ICSICT.2010.5667831

2010-01-01

Abstract:In this paper, an automatic general-purpose Differential Power Analysis (DPA) System for cryptographic devices is designed and implemented. This system aims at testing the security of cryptographic devices, e.g., Smart Card, FPGA and ASIC circuit against DPA attacks. To verify the effectiveness of the system, a DPA attack was successfully carried out by it on an AES cryptographic ASIC chip which had countermeasures implemented in it. The experimental results showed that the correct cipher key of this AES chip could be obtained during less than 3 hours of data processing time with at least 5000 power traces.