Abstract
Algebraic side-channel attack (ASCA) is a powerful cryptanalysis technique that differs from conventional side-channel attacks. This paper studies ASCA from three aspects: enhancement, analysis and application. To enhance ASCA, we propose a generic method, called Multiple Deductions-based ASCA (MDASCA), to cope with the multiple deductions caused by inaccurate measurements or interference. For the first time, we show that ASCA can exploit cache leakage models. We analyze the attacks and estimate the minimal amount of leakage required for a successful ASCA on AES under different leakage models. In addition, we apply MDASCA to attack AES on an 8-bit microcontroller under the Hamming weight leakage model, on two typical microprocessors under the access-driven cache leakage model, and on a 32-bit ARM microprocessor under the trace-driven cache leakage model. Many of the results improve on previous work, and they are also consistent with the theoretical analysis. Our work shows that MDASCA poses a serious threat because of its error tolerance and its ability to exploit new leakage models.
This work was supported in part by the National Natural Science Foundation of China under the grants 60772082 and 61173191, and US National Science Foundation under the grant CNS-0644188.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhao, X. et al. (2012). MDASCA: An Enhanced Algebraic Side-Channel Attack for Error Tolerance and New Leakage Model Exploitation. In: Schindler, W., Huss, S.A. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2012. Lecture Notes in Computer Science, vol 7275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29912-4_17
DOI: https://doi.org/10.1007/978-3-642-29912-4_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29911-7
Online ISBN: 978-3-642-29912-4
eBook Packages: Computer Science (R0)