Correlation Power Attack Research Articles

Side-Channel Attacks Against the FESH Algorithm

The FESH algorithm is a block cipher algorithm based on finite field operations. Currently, no research has been conducted on its side-channel attack security. Therefore, this study proposes two methods to address this issue: a correlation power analysis attack method targeting the FESH algorithm, and a template attack method based on an improved TransNet model. The first method theoretically analyzed the vulnerabilities of the FESH algorithm and successfully obtained valid leaked information through a correlation power attack; The second method introduced BlurPool blurring and downsampling techniques, as well as normalization operations, which reduced the training parameters of the improved model by approximately 50%. Additionally, the validation was performed on both the FESH dataset and the desynchronized ASCAD public dataset, which provided evidence that the entropy estimates were significantly better than those of the original TransNet model. The experimental results highlight the importance of considering side-channel security when implementing the FESH algorithm.

Power Attack Vulnerability Assessment of Circuit-Level PRESENT Encryption IP Using Artificial Intelligence Mechanisms

Artificial Intelligence (AI) schemes eliminate the need for intellectual human knowledge of crypto algorithms to facilitate side-channel attacks on security implementations. Side channel attack analysis for circuit-level hardware (VLSI) implementations of symmetric-key block ciphers through artificial machine models are yet to be addressed. The proposed design of block cipher architecture, which is the implementation under attack features, secure adiabatic logic style the Charge Balancing Symmetric Pre-resolve Adiabatic Logic (CBSPAL). This style exhibits uniform power consumption through its inherent circuit arrangement, which makes it robust toward side-channel power attacks. This paper considers several Multilayer Perceptron (MLP) architectures to mount non-profiled side-channel attacks on round 1- PRESENT circuit-level implementation. Supervised learning of the MLP models through training with power waveforms employs binary LSB labeling. An attack on the custom dataset with 50,000 supply power traces collected from the CBSPAL implementation fails to retrieve secret information in any of the 8 bytes. The traditional Correlation Power Attack (CPA) was also not thriving with the proposed implementation. Comparison is made through a similar attack approach on benchmark AES (ASCAD dataset), which distinguishes the secret information throughout all the parameters of interest: normalized accuracy, normalized NMM accuracy and rank plots on byte 3.

A Comprehensive Evaluation of Integrated Circuits Side-Channel Resilience Utilizing Three-Independent-Gate Silicon Nanowire Field Effect Transistors-Based Current Mode Logic

Side-channel attack (SCA) is one of the physical attacks, which will reveal the confidential information from cryptographic circuits by statistically analyzing physical manifestations. Various circuit-level countermeasures have been proposed as fundamental solutions to eliminate the correlations between side-channel information and circuit’s internal operations. The existing solutions, however, will introduce nonnegligible power and area overheads, making them difficult to be deployed in resource-constrained applications. In this article, a novel three-independent-gate silicon nanowire field effect transistor (TIGFET) with the intrinsic SCA-resilience characteristics is introduced to balance the tradeoffs among cost, performance, and security of cryptographic implementations. We construct six TIGFET-based current mode logic (CML) gates that can retain lower power variation under all possible transitions compared to the CMOS counterparts. As a proof of concept, advanced encryption standard (AES), SM4 block cipher algorithm (SM4), and lightweight cryptographic algorithm PRESENT are implemented utilizing the TIGFET-based CML gates. Correlation power attack is performed to evaluate the improvement of SCA resilience. Simulation results verify that the TIGFET-based cryptographic implementations decrease 42.37% area usage, lower 61.16% energy efficiency, reduce <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$5.35\times $ </tex-math></inline-formula> power variation, and achieve a similar level of SCA resistance compared to the CMOS counterpart, which is applicable for the resource-constrained applications.

Correlation power attack on a message authentication code based on SM3

Hash-based message authentication code (HMAC) is widely used in authentication and message integrity. As a Chinese hash algorithm, the SM3 algorithm is gradually winning domestic market value in China. The side channel security of HMAC based on SM3 (HMAC-SM3) is still to be evaluated, especially in hardware implementation, where only intermediate values stored in registers have apparent Hamming distance leakage. In addition, the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis. In this paper, a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation. Real attack experiments on a field programmable gate array (FPGA) board have been performed. Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.

Power Analysis Attack of an AES GPU Implementation

In the past, Graphics Processing Unities (GPUs) were mainly used for graphics rendering. In the past 10 years, they have been redesigned and are used to accelerate a wide range of applications, including deep neural networks, image reconstruction and cryptographic algorithms. Despite being the accelerator of choice in a number of important application domains, today’s GPUs receive little attention on their security, especially their vulnerability to realistic and practical threats, such as side-channel attacks. In this work we present our study of side-channel vulnerability targeting a general purpose GPU. We propose and implement a side-channel power analysis methodology to extract all the last round key bytes of an AES (Advanced Encryption Standard) implementation on an NVIDIA TESLA GPU. We first analyze the challenges of capturing GPU power traces due to the degree of concurrency and underlying architectural features of a GPU, and propose techniques to overcome these challenges. We then construct an appropriate power model for the GPU. We describe effective methods to process the GPU power traces and launch a correlation power attack (CPA) on the processed data. We carefully consider the scalability of the attack with increasing degrees of parallelism, a key challenge on the GPU. Both our empirical and theoretical results show that parallel computing hardware systems such as a GPU are vulnerable to power analysis side-channel attacks, and need to be hardened against such threats.

A novel masking scheme for SM3 based MAC

The Chinese hash algorithm SM3 is verified to be secure enough, but improper hardware implementation may lead to leakage. A masking scheme for SM3 algorithm is proposed to ensure the security of SM3 based Message Authentication Code (MAC). Our scheme was implemented in hardware, which utilizes hardware oriented secure conversion techniques between boolean and arithmetic masking. Security evaluation based on SAKURA- G FPGA board has been done with 2000 power traces from 2000 random plaintexts with random plaintext masks and random key masks. It has been verified that the masked SM3 hardware implementation shows no intermediate value leakage as expected. Our masked SM3 hardware can resist first-order correlation power attack (CPA) and collision correlation attack.

An optimized cross correlation power attack of message blinding exponentiation algorithms

The message blinding method is the most efficient and secure countermeasure against first-order differential power analysis(DPA). Although cross correlation attacks(CCAs) were given for defeating message blinding methods, however searching for correlation points is difficult for noise, misalignment in practical environment. In this paper, we propose an optimized cross correlation power attack for message blinding exponentiation algorithms. The attack method can select the more correlative power points of share one operation in the modular multiplication by comparing variances between correlation coefficients. Further we demonstrate that the attack method is more efficient in experiments with hardware implementation of RSA on a crypto chip card. In addition to the proposed CCA method can recovery all 1024bits secret key and recognition rate increases to 100% even when the recorded signals are noisy.

Correlation Power Analysis using Measured and Simulated Power Traces based on Hamming Distance Power Model – Attacking 16-bit Integer Multiplier in FPGA

In many cases side channel attacks complexity are estimated by considering attack simulations only. Regarding this estimations, parameters of cryptographic devices are set so the attack is infeasible. This work shows that this approach to secure cryptographic equipment can be dangerous because real attacks can be much better than expected according to simulations. This observation is presented on very generic Correlation Power Attack using Hamming Distance Power Model. This attack is aimed against integer multiplier implemented in FPGA. In cryptography, an integer multiplier power consumption can sometimes be exploited to reveal a secret. Very often it is in asymmetric cryptography that is used in PKI as a fundamental building block. As an example, there are DSA and its various derivations.

모듈라 곱셈의 충돌 입력에 기반한 부채널 공격 및 대응책

ABSTRACT The power analysis attack is a cryptanalytic technique to retri eve an user's secret key using the side-channel power leakage occurred during the execution of cryptographic algorithm embedd ed on a physical device. Especially, many power analysis attacks have targeted on an exponentiation algorithm which is c omposed of hundreds of squarings and multiplications and adopted in public key cryptosystem such as RSA. Recently, a new correlation power attack, which is tried when two modular multiplications have a same input, is proposed in order to reco ver secret key. In this paper, after reviewing the principle of side-channel attack based on input collisions in modular multip lications, we analyze the vulnerability of some exponentiation algorithms having regularity property. Furthermore, we present an improved exponentiation countermeasure to resist against the input collision-based CPA(Correlation Power Analysis) attack an d existing side channel attacks and compare its security with other countermeasures.Keywords: Power Analysis Attack, Exponentiation Algorithm, Modular Multi plication, Input Collision-based CPA