Skip to main content
SpringerLink
Log in

MDASCA: An Enhanced Algebraic Side-Channel Attack for Error Tolerance and New Leakage Model Exploitation

  • Conference paper
Book cover Constructive Side-Channel Analysis and Secure Design (COSADE 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7275))

Abstract

Algebraic side-channel attack (ASCA) is a powerful cryptanalysis technique different from conventional side-channel attacks. This paper studies ASCA from three aspects: enhancement, analysis and application. To enhance ASCA, we propose a generic method, called Multiple Deductions-based ASCA (MDASCA), to cope the multiple deductions caused by inaccurate measurements or interferences. For the first time, we show that ASCA can exploit cache leakage models. We analyze the attacks and estimate the minimal amount of leakages required for a successful ASCA on AES under different leakage models. In addition, we apply MDASCA to attack AES on an 8-bit microcontroller under Hamming weight leakage model, on two typical microprocessors under access driven cache leakage model, and on a 32-bit ARM microprocessor under trace driven cache leakage model. Many better results are achieved compared to the previous work. The results are also consistent with the theoretical analysis. Our work shows that MDASCA poses great threats with its excellence in error tolerance and new leakage model exploitation.

This work was supported in part by the National Natural Science Foundation of China under the grants 60772082 and 61173191, and US National Science Foundation under the grant CNS-0644188.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Acıïçmez, O., Koç, Ç.: Trace Driven Cache Attack on AES. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 112–121. Springer, Heidelberg (2006)

    Google Scholar 

  2. Bangerter, E., Gullasch, D., Krenn, S.: Cache Games - Bringing Access-Based Cache Attacks on AES to Practice. In: IEEE S&P 2011, pp. 490–505 (2011)

    Google Scholar 

  3. Batina, L., Gierlichs, B., Prouff, E., Rivain, M., Standaert, F.X., Veyrat-Charvillon, N.: Mutual Information Analysis: A Comprehensive Study. Journal of Cryptology 24, 269–291 (2011)

    Article  MathSciNet  MATH  Google Scholar 

  4. Bernstein, D.J.: Cache-timing attacks on AES (2004), http://cr.yp.to/papers.html#cachetiming

  5. Berthold, T., Heinz, S., Pfetsch, M.E., Winkler, M.: SCIP C solving constraint integer programs. In: SAT 2009 (2009)

    Google Scholar 

  6. Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: ITCC 2005, pp. 586–591. IEEE Computer Society (2005)

    Google Scholar 

  7. Bonneau, J.: Robust Final-Round Cache-Trace Attacks Against AES. Cryptology ePrint Archive (2006), http://eprint.iacr.org/2006/374.pdf

  8. Brier, E., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Courtois, N., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  10. Courtois, N., Ware, D., Jackson, K.: Fault-Algebraic Attacks on Inner Rounds of DES. In: eSmart 2010, pp. 22–24 (September 2010)

    Google Scholar 

  11. Dinur, I., Shamir, A.: Side Channel Cube Attacks on Block Ciphers. Cryptology ePrint Archive (2009), http://eprint.iacr.org/2009/127

  12. Faugère, J.-C.: Gröbner Bases. Applications in Cryptology. In: FSE 2007 Invited Talk (2007), http://fse2007.uni.lu/slides/faugere.pdf

  13. Fournier, J., Tunstall, M.: Cache Based Power Analysis Attacks on AES. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 17–28. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Gallais, J., Kizhvatov, I., Tunstall, M.: Improved Trace-Driven Cache-Collision Attacks against Embedded AES Implementations. In: Chung, Y., Yung, M. (eds.) WISA 2010. LNCS, vol. 6513, pp. 243–257. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  15. Gallais, J., Kizhvatov, I.: Error-Tolerance in Trace-Driven Cache Collision Attacks. In: COSADE 2011, pp. 222–232 (2011)

    Google Scholar 

  16. Goyet, C., Faugre, J., Renault, G.: Analysis of the Algebraic Side Channel Attack. In: COSADE 2011, pp. 141–146 (2011)

    Google Scholar 

  17. Handschuh, H., Preneel, B.: Blind Differential Cryptanalysis for Enhanced Power Attacks. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 163–173. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  18. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  19. Knudsen, L.R., Miolane, C.V.: Counting equations in algebraic attacks on block ciphers. International Journal of Information Security 9(2), 127–135 (2010)

    Article  Google Scholar 

  20. Lauradoux, C.: Collision Attacks on Processors with Cache and Countermeasures. In: WEWoRC 2005. LNI, vol. 74, pp. 76–85 (2005)

    Google Scholar 

  21. Improved Differential Fault Analysis of Trivium. In: COSADE 2011, pp. 147–158 (2011)

    Google Scholar 

  22. Neve, M., Seifert, J.: Advances on Access-Driven Cache Attacks on AES. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 147–162. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  23. FIPS 197, Advanced Encryption Standard, Federal Information Processing Standard, NIST, U.S. Dept. of Commerce, November 26 (2001)

    Google Scholar 

  24. Oren, Y., Kirschbaum, M., Popp, T., Wool, A.: Algebraic Side-Channel Analysis in the Presence of Errors. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 428–442. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  25. Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: The Case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  26. Percival, C.: Cache missing for fun and profit (2005), http://www.daemonology.net/hyperthreading-considered-harmful/

  27. Renauld, M., Standaert, F.-X.: Algebraic Side-Channel Attacks. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 393–410. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  28. Renauld, M., Standaert, F., Veyrat-Charvillon, N.: Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 97–111. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  29. Renauld, M., Standaert, F.-X.: Representation-, Leakage- and Cipher- Dependencies in Algebraic Side-Channel Attacks. In: Industrial Track of ACNS 2010 (2010)

    Google Scholar 

  30. Roche, T.: Multi-Linear cryptanalysis in Power Analysis Attacks. MLPA CoRR abs/0906.0237 (2009)

    Google Scholar 

  31. Schramm, K., Wollinger, T.J., Paar, C.: A New Class of Collision Attacks and Its Application to DES. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 206–222. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  32. Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal 28 (1949); see in particular page 704

    Google Scholar 

  33. Soos, M., Nohl, K., Castelluccia, C.: Extending SAT Solvers to Cryptographic Problems. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol. 5584, pp. 244–257. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  34. Whitnall, C., Oswald, E., Mather, L.: An Exploration of the Kolmogorov-Smirnov Test as Competitor to Mutual Information Analysis. Cryptology ePrint Archive (2011), http://eprint.iacr.org/2011/380.pdf

Download references

Author information

Authors and Affiliations

  1. Ordnance Engineering College, Shijiazhuang, Hebei, China

    Xinjie Zhao, Tao Wang, Huiying Liu & Keke Ji

  2. University of Connecticut, Storrs, Connecticut, USA

    Fan Zhang & Zhijie Shi

  3. The Institute of North Electronic Equipment, Beijing, China

    Shize Guo

Authors
  1. Xinjie Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shize Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tao Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Zhijie Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Huiying Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Keke Ji
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Bundesamt für Sicherheit in der Informationstechnik (BSI), Godesberger Allee 185–189, 53175, Bonn, Germany

    Werner Schindler

  2. Department of Computer Science, Integrated Circuits and Systems Lab, Technische Universität Darmstadt, Hochschulstr. 10, 64289, Darmstadt, Germany

    Sorin A. Huss

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhao, X. et al. (2012). MDASCA: An Enhanced Algebraic Side-Channel Attack for Error Tolerance and New Leakage Model Exploitation. In: Schindler, W., Huss, S.A. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2012. Lecture Notes in Computer Science, vol 7275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29912-4_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29912-4_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29911-7

  • Online ISBN: 978-3-642-29912-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation