Abstract
This paper presents the application of a DPA attack to the NIST (National Institute of Standards and Technology) standardized AES (Advanced Encryption Standard) protocol, covering both key retrieval and prevention. For key retrieval, we applied the DPA attack to AES to obtain a 128-bit secret key by measuring the power traces of the computations involved in the algorithm. To resist the DPA attack, we propose a countermeasure, a new modified masking scheme comprising (i) Boolean and (ii) multiplicative masking for the linear and non-linear operations of AES, respectively. Furthermore, we reduce the complexity involved in Boolean masking by introducing Rebecca’s approximation. Moreover, we provide a novel solution to the zero mask problem in multiplicative masking. To evaluate the power traces, we propose our custom correlation technique, which decreases the calculation time. The synthesis results for the original implementation (without countermeasure) and for the implementation with the countermeasure are given on a Zynq 7020 FPGA (Artix-7 device). The implementation takes 424 FPGA slices without the countermeasure, whereas 714 slices are required to implement AES with the proposed countermeasure. Consequently, the implementation results demonstrate the suitability of this work for area-constrained applications that require protection against DPA attacks.
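The split between Boolean masking for linear steps and multiplicative masking for the S-box inversion, and the zero mask problem that the latter introduces, can be seen in a few lines of GF(2^8) arithmetic. This is an added example, not code from the paper; the function names are hypothetical, and it shows only the problem, not the authors' solution or their Boolean-masking approximation, neither of which is described on this page.

```python
# Added illustration; function names are hypothetical, not from the paper.
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the AES field polynomial

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r

def gf_inv(a):
    """Inverse in GF(2^8) as a^254; maps 0 to 0, as the AES S-box does."""
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result

def masked_add_round_key(state_byte, key_byte, mask):
    """Boolean masking: XOR is linear, so the mask passes through unchanged."""
    masked = state_byte ^ mask          # only the masked value is processed
    return masked ^ key_byte            # equals (state ^ key) ^ mask

def masked_inversion(x, mask):
    """Multiplicative masking of the S-box inversion; mask must be non-zero."""
    masked = gf_mul(x, mask)            # value seen by the inverter
    inv_masked = gf_inv(masked)         # inv(x*m) = inv(x) * inv(m)
    return gf_mul(inv_masked, mask)     # multiply by m to cancel inv(m)

def distinct_masked_values(x):
    """How many different intermediates x*m appear over all non-zero masks."""
    return len({gf_mul(x, m) for m in range(1, 256)})
```

For any non-zero byte the masked intermediate takes 255 different values as the mask varies, but for a zero byte it is always zero, so the mask hides nothing in that case.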
Highlights
Cryptography is one of the ways to secure unprotected data or information against unauthorized users on the unsecured internet.
We present two different case studies that demonstrate the need for the countermeasure and lead to the shortcoming described in the forthcoming section.
We applied the differential power analysis (DPA) attack on our FPGA implementation to obtain the secret key by measuring the power traces of the computations involved in the AES algorithm.
Summary
Cryptography is one of the ways to secure unprotected data or information against unauthorized users on the unsecured internet. The solutions published in [11,12,13] perform a correlation power analysis (CPA) attack on AES by analyzing the power leakage of the device during the execution of the encryption process, and successfully retrieve the entire secret key. The power consumption of the target device depends on the data it processes and the operation it performs (it exposes the algorithm to SCA). To prevent this situation, several countermeasures have been developed or proposed in the literature to reduce the possibility of an attack on the cryptographic algorithm. A countermeasure based on adiabatic logic (implemented in the AddRoundKey block of AES) is provided. This breaks the dependency between the power consumption of the device and the secret key. Their analysis highlights the greater leakage of AMD processors as compared to a prefetch-based attack on Intel processors [31].